World-writable permissions on RPM-installed SAP DB 7.x programs allow local privilege escalation

World-writable permissions on RPM-installed SAP DB 7.x programs allow local privilege escalation

CVE-2003-1034 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) lserver programs with world-writable permissions, which allows local users to gain privileges by modifying those programs.

Learn more about our Cis Benchmark Audit For Server Software.