Local Access Vulnerability in SAP R/3 Web Application Server Demo by SAP
CVE-2001-0366

Currently unrated

Key Information:

Vendor

SAP
Status
SAPoscol
SAP R 3 Web Application Server Demo
Vendor
CVE Published:
27 June 2001

What is CVE-2001-0366?

A vulnerability exists in the SAP R/3 Web Application Server Demo prior to version 1.5, where the 'saposcol' component relies on the untrusted PATH environmental variable to locate and execute the expand program. This flaw enables local users to modify the PATH variable to point to a malicious version of the expand program, potentially leading to unauthorized root access.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.securityfocus.com/bid/2662
vdb-entryx_refsource_BID
https://exchange.xforce.ibmcloud.com/vulnerabilities/6487
vdb-entryx_refsource_XF
http://www.securityfocus.com/archive/1/180498
mailing-listx_refsource_BUGTRAQ

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.