Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0306

Overview

Vulnerability Score 6.9 6.9
CVE Id CVE-2008-0306
Last Modified 07 Mar 2011 10:04:18
Published 11 Mar 2008 07:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector LOCAL
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0306

Summary

sdbstarter in SAP MaxDB 7.6.0.37, and possibly other versions, allows local users to execute arbitrary commands by using unspecified environment variables to modify configuration settings.

Vulnerable Systems

Application

  • Sap Maxdb 7.6.0.37


References

XF - maxdb-sdbstarter-privilege-escalation(41104)

VUPEN - ADV-2008-0844

SECTRACK - 1019570

BID - 28185

SECUNIA - 29312

IDEFENSE - 20080310 SAP MaxDB sdbstarter Privilege Escalation Vulnerability


Last Updated: 27 May 2016 10:46:46