Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/7421 | Exploit Patch Vendor Advisory |
http://marc.info/?l=bugtraq&m=105232424810097&w=2 |
Configurations
Configuration 1 (hide)
|
Information
Published : 2003-05-26 21:00
Updated : 2016-10-17 19:31
NVD link : CVE-2003-0265
Mitre link : CVE-2003-0265
JSON object : View
CWE
Products Affected
sap
- sap_db