Back to search
CVE-2003-0938
Published: Nov 21, 2003
Modified: Aug 8, 2024
PUBLISHED
Description
vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
A111703-1
vendor-advisory
x_refsource_ATSTAKE
sapdb-NETAPI32-gain-privileges(13765)
vdb-entry
x_refsource_XF
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now