|
|
|
|
| |
Credit:
The information has been provided by iDefense Labs.
The original article can be found at: http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=670
|
| |
Vulnerable Systems:
* SAP AG's MaxDB version 7.6.0.37
This vulnerability exists due to a design error in the handling of certain environment variables. These variables are used to specify the configuration settings to be used by various MaxDB components. Since the "sdbstarter" program honors these settings, an attacker can execute arbitrary code with root privileges.
Analysis:
Exploitation allows an attacker to execute arbitrary code with root privileges. To exploit this vulnerability, an attacker must be able to execute the "sdbstarter" program. In a default installation, this requires that the attacker be a member of the "sdba" group.
It is important to note that this vulnerability is not architecture dependent. This vulnerability is trivially exploitable on any
Unix-based SAP MaxDB installation.
Vendor response:
SAP AG has addressed this vulnerability by releasing a new version of MaxDB. For more information, consult SAP note 1140135.
CVE Information:
CVE-2008-0306
Disclosure timeline:
12/05/2007 - Initial vendor notification
12/06/2007 - Initial vendor response
03/10/2008 - Coordinated public disclosure
|
|
|
|
|
