Vulnerabilities > CVE-2002-1576 - Symbolic Link vulnerability in SAP DB 7.3.00
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserversrv program, which allows local users to gain privileges with a malicious lserversrv that is called from a directory that has a symlink to the lserver program.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Exploit-Db
description | SAP DB 7.3 .00 Symbolic Link Vulnerability. CVE-2002-1576. Local exploit for unix platform |
id | EDB-ID:22067 |
last seen | 2016-02-02 |
modified | 2002-12-04 |
published | 2002-12-04 |
reporter | SAP Security |
source | https://www.exploit-db.com/download/22067/ |
title | SAP DB 7.3.00 - Symbolic Link Vulnerability |