Design/Logic Flaw

2006-05-2310:06:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.007 Low

EPSS

Percentile

81.1%

JSON

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to “insecure environment variable” handling.

References

lists.grok.org.uk/pipermail/full-disclosure/2006-May/046130.html

secunia.com/advisories/20180

securityreason.com/securityalert/941

securitytracker.com/id?1016122

www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Local_Privilege_Escalation_in_SAP_sapdba_Command.pdf

www.securityfocus.com/archive/1/434534/30/4890/threaded

www.securityfocus.com/bid/18028

www.vupen.com/english/advisories/2006/1861

exchange.xforce.ibmcloud.com/vulnerabilities/26526