Lumension® Endpoint Intelligence Center


Overview

Vulnerability Score 7.2
CVE Id CVE-2001-0366
Last Modified 05 Sep 2008 04:23:55
Published 27 Jun 2001 12:00:00
Confidentiality Impact COMPLETE
Integrity Impact COMPLETE
Availability Impact COMPLETE
Access Vector LOCAL
Access Complexity LOW
Authentication NONE

CVE-2001-0366

Summary

saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program.

Vulnerable Systems

Application

  • SAP R/3 Web Application Server Demo 1.5

  • Saposcol 1.0

  • Saposcol 1.1

  • Saposcol 1.2

  • Saposcol 1.3


References

BID - 2662

BUGTRAQ - 20010429 SAP R/3 Web Application Server Demo for Linux: root exploit

CONFIRM - ftp://ftp.sap.com/pub/linuxlab/saptools/README.saposcol

XF - linux-sap-execute-code(6487)


Last Updated: 27 May 2016 10:36:14