Local Privilege Escalation in SAP Database Server by Malicious DLL
CVE-2003-0938

Currently unrated

Key Information:

Vendor: SAP
Status: SAP Db
Vendor: CVE Published:; 15 December 2003

What is CVE-2003-0938?

The vulnerability in the SAP database server (SAP DB) occurs when a local user exploits a flaw in how the software handles loading of dynamic link libraries. Specifically, a maliciously crafted 'NETAPI32.DLL' placed in the current working directory can be loaded before the legitimate DLL, allowing the attacker to gain SYSTEM privileges. This exploit is facilitated by the SQLAT stored procedure, making it critical for administrators to ensure proper security measures and updates are in place to mitigate the risk associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://www.atstake.com/research/advisories/2003/a111703-1...

vendor-advisoryx_refsource_ATSTAKE

https://exchange.xforce.ibmcloud.com/vulnerabilities/13765

vdb-entryx_refsource_XF

Timeline

Vulnerability published
Dec 15, 2003
Vulnerability Reserved
Nov 11, 2003

JSON

SAP

What is CVE-2003-0938?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

References

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.