SAP crypto offers customers choice of remote code execution or denial of service

Home-baked encryption followed the wrong recipe

Yet another proprietary implementation of a popular protocol has turned up unexpected vulnerabilities, with SAP's data compression software open to remote code execution and denial-of-service exploits.…