CVE-2003-0265

SAP Database 7.3.0.29 - Privilege Escalation

Title source: llm

Description

Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.

Exploits (1)

exploitdb WORKING POC VERIFIED

by Larry W. Cashdollar · perllocallinux

https://www.exploit-db.com/exploits/22531

View Code ZIP pw:eip

References (2)

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/7421

[Mailing List] http://marc.info/?l=bugtraq&m=105232424810097&w=2

Scores

EPSS 0.0019

EPSS Percentile 41.2%

Details

Status published

Products (2)

sap/sap_db 7.3.29

sap/sap_db 7.4.3.7_beta

Published May 27, 2003

Tracked Since Feb 18, 2026