CVE-2003-0265

Currently unrated

Key Information:

Vendor: SAP
Status: SAP Db
Vendor: CVE Published:; 27 May 2003

Summary

Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.

References

http://www.securityfocus.com/bid/7421

vdb-entryx_refsource_BID

http://marc.info/?l=bugtraq&m=105232424810097&w=2

mailing-listx_refsource_BUGTRAQ

Timeline

Vulnerability published
May 27, 2003
Vulnerability Reserved
May 7, 2003