Vulnerabilities > CVE-2003-0265 - Unspecified vulnerability in SAP DB 7.3.29/7.4.3.7Beta

047910
CVSS 6.2 - MEDIUM
Attack vector
LOCAL
Attack complexity
HIGH
Privileges required
NONE
Confidentiality impact
COMPLETE
Integrity impact
COMPLETE
Availability impact
COMPLETE
local
high complexity
sap
exploit available
NVD
Published: 2003-05-27
Updated: 2016-10-18

Summary

Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.

Vulnerable Configurations

Part Description Count
Application
Sap
2

Exploit-Db

descriptionSAP Database 7.3/7.4 SDBINST Race Condition Vulnerability. CVE-2003-0265. Local exploit for linux platform
idEDB-ID:22531
last seen2016-02-02
modified2003-04-23
published2003-04-23
reporterLarry W. Cashdollar
sourcehttps://www.exploit-db.com/download/22531/
titleSAP Database 7.3/7.4 SDBINST Race Condition Vulnerability

References