Reports describe “Heartbleed” (see heartbleed.com) as a vulnerability that potentially affects hardware and software vendors and their customers. According to this information, the vulnerability potentially allows an unauthenticated, remote attacker to retrieve memory from connected servers that use the OpenSSL library. It is caused by a missing bounds check in the handling of the Transport Layer Security (TLS) heartbeat extension, which an attacker is able to exploit. The outcome is that the disclosed portions of memory contain sensitive information, including private keys and passwords.
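The missing bounds check described above, shown beside the corrected check, as an added C example (not OpenSSL's or SAP's code). The function names, the `check_bounds` switch, the constructed buffer and the response without padding are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1   /* heartbeat_request (RFC 6520) */
#define HB_RESPONSE 2   /* heartbeat_response */
#define HB_HEADER   3   /* 1-byte type + 2-byte payload_length */
#define HB_MIN_PAD  16  /* minimum padding a sender must append */

/* Build a response to the heartbeat record rec[0..rec_len). Returns bytes
 * written to out, or 0 if the message is discarded. Response padding is
 * omitted (simplification). check_bounds == 0 trusts the declared length. */
size_t hb_respond(const uint8_t *rec, size_t rec_len, int check_bounds,
                  uint8_t *out, size_t out_cap)
{
    if (rec_len < HB_HEADER || rec[0] != HB_REQUEST)
        return 0;
    size_t payload = ((size_t)rec[1] << 8) | rec[2];   /* sender-controlled */

    /* Hardened path: header + declared payload + padding must fit inside
     * the record that was actually received, else discard silently. */
    if (check_bounds && HB_HEADER + payload + HB_MIN_PAD > rec_len)
        return 0;
    if (HB_HEADER + payload > out_cap)
        return 0;
    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, payload); /* echo the payload */
    return HB_HEADER + payload;
}

/* Constructed input: a 3-byte record declaring a 16-byte payload; the bytes
 * after it in mem stand in for unrelated process memory. 1 = they leaked. */
int hb_demo_leaks(int check_bounds)
{
    static const char secret[] = "CONSTRUCTED-KEY!";   /* 16 chars */
    uint8_t mem[64] = {HB_REQUEST, 0, 16}, out[64];
    memcpy(mem + HB_HEADER, secret, 16);
    size_t n = hb_respond(mem, HB_HEADER, check_bounds, out, sizeof out);
    return n == HB_HEADER + 16 && memcmp(out + HB_HEADER, secret, 16) == 0;
}

int main(void)
{
    printf("unchecked length leaks adjacent bytes: %d\n", hb_demo_leaks(0));
    printf("checked length leaks adjacent bytes:   %d\n", hb_demo_leaks(1));
    return 0;
}
```

The only difference between the two paths is the comparison of the declared payload length against the length of the record actually received.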
A malicious user is able to exploit HANA so that it terminates. The issue is caused by memory corruption, which causes the process to terminate. The user can provoke these conditions while the process is working.
In customer scenarios, it is possible that additional tools or software are installed on the HANA server system, either by the customer or the hardware partner, or that specific manual changes were made to the underlying operating system.
It is the responsibility of the hardware partner or customer to install, manage and update the operating systems on the client or server, as well as any additional tools, software or changes on server and client machines (see SAP HANA Technical Operation Manual, http://help.sap.com/hana/SAP_HANA_Technical_Operations_Manual_en.pdf). SAP strongly recommends validating with the respective vendor whether affected OpenSSL versions are in use.