CVE-2002-1576

SAP DB 7.3 - Local Privilege Escalation via lserversrv Path Manipulation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2002-1576. PoCs published by SAP Security.

AI-analyzed exploit summary This exploit leverages a symbolic link attack in SAP DB's lserver binary to execute a malicious 'lserversrv' binary with root privileges. The attacker creates a directory with a specific name, places a malicious binary, and tricks lserver into executing it due to insufficient path checks.

Description

lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserversrv program, which allows local users to gain privileges with a malicious lserversrv that is called from a directory that has a symlink to the lserver program.

Exploits (1)

exploitdb WORKING POC VERIFIED
by SAP Security · textlocalunix
https://www.exploit-db.com/exploits/22067

This exploit leverages a symbolic link attack in SAP DB's lserver binary to execute a malicious 'lserversrv' binary with root privileges. The attacker creates a directory with a specific name, places a malicious binary, and tricks lserver into executing it due to insufficient path checks.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: SAP DB (version not specified)
No auth needed
Prerequisites: Access to a system with SAP DB installed · Ability to write to a directory where lserver can be executed
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/10762
Exploit, Patch, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/6316
Patch x_refsource_confirm
http://www.sapdb.org/sap_db_alert.htm
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=103903565829796&w=2

Scores

EPSS 0.0090
EPSS Percentile 55.5%

Details

Status published
Products (1)
sap/sap_db 7.3.00
Published Apr 15, 2004
Tracked Since Feb 18, 2026