SAP DB 7.3 .00 Symbolic Link Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/6316/info A vulnerability has been discovered in SAP DB that may allow an unprivileged to execute commands with root privileges. The vulnerability is due to insufficient sanity checks by lserver, when attempting to execut...

CVE-2002-1576

Summary: SAP DB 7.3 and earlier versions contain a local privilege escalation in the lserver component. The lserver uses the current working directory to locate and execute the lserversrv program. If a directory contains a symlink to the lserver executable and a malicious lserversrv is placed the...