CVE-2003-0265

Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.

CVSS v2.0 6.2 MEDIUM

6.2^/10

CVSS v2.0 : MEDIUM

Vector : AV:L/AC:H/Au:N/C:C/I:C/A:C

Exploitability : 1.9 / Impact : 10.0

Access Vector LOCAL

Access Complexity HIGH

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://marc.info/?l=bugtraq&m=105232424810097&w=2
http://www.securityfocus.com/bid/7421	Exploit Patch Vendor Advisory
http://marc.info/?l=bugtraq&m=105232424810097&w=2
http://www.securityfocus.com/bid/7421	Exploit Patch Vendor Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:sap:sap_db:7.3.29:::::::*
	cpe:2.3:a:sap:sap_db:7.4.3.7_beta:::::::*

History

20 Nov 2024, 23:44

Type	Values Removed	Values Added
References	~~() http://marc.info/?l=bugtraq&m=105232424810097&w=2 -~~	() http://marc.info/?l=bugtraq&m=105232424810097&w=2 -
References	~~() http://www.securityfocus.com/bid/7421 - Exploit, Patch, Vendor Advisory~~	() http://www.securityfocus.com/bid/7421 - Exploit, Patch, Vendor Advisory

Information

Published : 2003-05-27 04:00

Updated : 2024-11-20 23:44

NVD link : CVE-2003-0265

Mitre link : CVE-2003-0265

CVE.ORG link : CVE-2003-0265

JSON object : View

Products Affected

sap

sap_db

CWE

NVD-CWE-Other

{"id": "CVE-2003-0265", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 6.2, "accessVector": "LOCAL", "vectorString": "AV:L/AC:H/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "HIGH", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "MEDIUM", "obtainAllPrivilege": true, "exploitabilityScore": 1.9, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2003-05-27T04:00:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=105232424810097&w=2", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/7421", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://marc.info/?l=bugtraq&m=105232424810097&w=2", "source": "af854a3a-2127-422b-91ae-364da2661108"}, {"url": "http://www.securityfocus.com/bid/7421", "tags": ["Exploit", "Patch", "Vendor Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed."}, {"lang": "es", "value": "Condici\u00f3n de carrera (\"race condition\") en SDINST para base de datos SAP 7.3.0.29 crea ficheros cr\u00edticos con permisos de escritura para todo el mundo antes de inicializar los bits uid, lo que permite que atacantes locales obtengan privilegios modificando los ficheros antes de que los permisos sean cambiados."}], "lastModified": "2024-11-20T23:44:20.843", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:sap:sap_db:7.3.29:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "1E504D0B-5C30-4D39-BC8B-97966BC80E1C"}, {"criteria": "cpe:2.3:a:sap:sap_db:7.4.3.7_beta:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "60910268-6E1F-4648-A20E-9C5C0DCBCF18"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}