CVE-2006-2547
Summary
| CVE | CVE-2006-2547 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2006-05-23 10:06:00 UTC |
| Updated | 2018-10-18 16:40:00 UTC |
| Description | Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling. |
Risk And Classification
Problem Types: NVD-CWE-Other
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Local_Privilege_Escalation_... | MISC | www.cybsec.com | Patch |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| SAP sapdba Command for Informix Environment Variable Bug Lets Local Users Gain Elevated Privileges - SecurityTracker | SECTRACK | securitytracker.com | |
| IBM X-Force Exchange | XF | exchange.xforce.ibmcloud.com | |
| Webmail : Solution de messagerie professionnelle - OVHcloud- OVH | VUPEN | www.vupen.com | |
| SAP SAPDBA Local Privilege Escalation Vulnerability | BID | www.securityfocus.com | |
| CXSecurity - IDS | SREASON | securityreason.com | |
| [Full-disclosure] CYBSEC - Security Pre-Advisory: Local Privilege Escalation in SAP sapdba Command | FULLDISC | lists.grok.org.uk | Patch |
| SAP sapdba Command Insecure Environment Variable Handling - Secunia Advisories - Vulnerability Intelligence - Secunia.com | SECUNIA | secunia.com | Vendor Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
There are currently no legacy QID mappings associated with this CVE.