Local Privilege Escalation in SAP DB by Using Symlink
CVE-2002-1576

Currently unrated

Key Information:

Vendor

SAP
Status
SAP Db
Vendor
CVE Published:
15 April 2004

What is CVE-2002-1576?

The lserver in SAP DB 7.3 and earlier is vulnerable due to its reliance on the current working directory to find and execute the lserversrv program. This flaw allows local users to gain elevated privileges by exploiting a malicious lserversrv located in a directory that utilizes a symlink pointing to the lserver program. This vulnerability not only compromises the integrity of system access but also poses significant risks to the overall security of environments using affected versions of SAP DB.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/10762
vdb-entryx_refsource_XF
http://www.securityfocus.com/bid/6316
vdb-entryx_refsource_BID
http://www.sapdb.org/sap_db_alert.htm
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.