CVE-2002-1576 - lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserver

CVE-2002-1576

Summary

lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserversrv program, which allows local users to gain privileges with a malicious lserversrv that is called from a directory that has a symlink to the lserver program.

References

http://marc.info/?l=bugtraq&m=103903565829796&w=2
http://www.sapdb.org/sap_db_alert.htm
http://www.securityfocus.com/bid/6316
https://exchange.xforce.ibmcloud.com/vulnerabilities/10762

Vulnerable Configurations

cpe:2.3:a:sap:sap_db:7.3.00:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_db:7.3.00:*:*:*:*:*:*:*

CVSS

Base:	7.2 (as of 11-07-2017 - 01:29)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
LOCAL	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:L/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bid	6316
bugtraq	20021204 SAP database local root via symlink
confirm	http://www.sapdb.org/sap_db_alert.htm
xf	sap-db-lserversrv-symlink(10762)

Last major update

11-07-2017 - 01:29

Published

15-04-2004 - 04:00

Last modified

11-07-2017 - 01:29