CVE-2006-2547

Sažetak

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046130.html
http://secunia.com/advisories/20180
http://securityreason.com/securityalert/941
http://securitytracker.com/id?1016122
http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Local_Privilege_Escalation_in_SAP_sapdba_Command.pdf
http://www.securityfocus.com/archive/1/434534/30/4890/threaded
http://www.securityfocus.com/bid/18028
http://www.vupen.com/english/advisories/2006/1861
https://exchange.xforce.ibmcloud.com/vulnerabilities/26526

CVSS

Base:	10.0
Impact:	10.0
Exploitability:	10.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:L/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

18-10-2018 - 16:40

Objavljeno

23-05-2006 - 10:06