Описание
Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.
Ссылки
- ExploitPatchVendor Advisory
- ExploitPatchVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:sap:sap_db:7.3.29:*:*:*:*:*:*:*
cpe:2.3:a:sap:sap_db:7.4.3.7_beta:*:*:*:*:*:*:*
EPSS
Процентиль: 42%
0.00195
Низкий
6.2 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
больше 3 лет назад
Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.
EPSS
Процентиль: 42%
0.00195
Низкий
6.2 Medium
CVSS2
Дефекты
NVD-CWE-Other