Info

Disclosure

Apr 27, 2003

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Unknown

Description

SAP DB contains a flaw that may allow a local malicious user to overwrite the contents of files during installation. The issue is due to a race condition in the installation, a period of several seconds passes between decompressing the files and setting the setuid bits. It is possible that the flaw may allow a malicious local user to overwrite the contents of the files between decompression and setting the setuid bits resulting in a loss of integrity.

Classification

Location: Local Access Required
Attack Type: Race Condition
Impact: Loss of Integrity
Exploit: Exploit Available
Disclosure: OSVDB Verified

Solution

Upgrade to version 7.4.03 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

SAP

SAP DB

7.3.0.29

References

ISS X-Force ID: 11881
CVE ID: 2003-0265 (see also: NVD)
Bugtraq ID: 7421
Generic Informational URL: http://marc.theaimsgroup.com/?l=bugtraq&m=105232424810097&w=2
Generic Exploit URL: http://vapid.dhs.org/sap-db-install.txt
Vendor Specific Solution URL: http://www.sapdb.org/7.4/sap_db_downloads.htm
Other Advisory URL: http://www.securiteam.com/unixfocus/5AP0N209PY.html

Credit

Larry W. Cashdollar - lcashdolgmail.com - Vapid Labs

Direct URL: http://osvdb.org/36218