Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-0265

Overview

Vulnerability Score 6.2 6.2
CVE Id CVE-2003-0265
Last Modified 05 Sep 2008 04:33:54
Published 27 May 2003 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity HIGH
Authentication NONE

CVE-2003-0265

Summary

Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.

Vulnerable Systems

Application

  • Sap Db 7.3.29

  • Sap Db 7.4.3.7 Beta


References

BID - 7421

BUGTRAQ - 20030507 SAP database local root vulnerability during installation. (fwd)


Last Updated: 27 May 2016 10:37:50