Multiple vulnerabilities have been identified in SAP MaxDB, which could be exploited by remote or local attackers to cause a denial of service or compromise an affected system.
The first issue is caused by a signedness error in the "vserver" component when processing user-supplied data, which could be exploited by an attacker who knows the name of an active database on the server to cause a denial of service or potentially execute arbitrary code by sending a specially crafted request to port 7210/TCP.
The second vulnerability is caused by a design error in the "sdbstarter" utility when handling environment variables, which could be exploited by a local attacker (member of the "sdba" group) to execute arbitrary code with "root" privileges.
Credits
Vulnerabilities reported by VeriSign iDefense Labs.
ChangeLog
2008-03-11 : Initial release
Vulnerability Management
Subscribe to FrSIRT VNS and receive real-time e-mail and SMS alerts when new vulnerabilities, exploits, or patches relevant to your systems and network configurations are available.
Feedback
If you have additional information or corrections for this security advisory please submit them via our contact form or by email to updates@frsirt.com.
French
