SAP DB NETAPI32.DLL Elevated Privileges

2003-11-17T08:32:00
ID OSVDB:3081
Type osvdb
Reporter OSVDB
Modified 2003-11-17T08:32:00

Description

Vulnerability Description

SAP DB version 7.4.03.27 contains a flaw that may allow a malicious user to gain unauthorized privileges. A local attacker with write privileges to SAP DB's current working directory could place a fake NETAPI32.DLL file there and have it loaded, gaining elevated privileges on the system via the 'SQLAT' stored procedure.

Technical Description

SAP DB is a freely available open-source database for Microsoft Windows and Unix-based operating systems.

Solution Description

Upgrade to version 7.4.03.30 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor URL: http://www.sapdb.org/
Secunia Advisory ID: 10251
ISS X-Force ID: 13765
CVE-2003-0938