CVE-2008-0244

SAP MaxDB 7.6.03 build 007 and earlier allows remote attackers to execute arbitrary commands via "&&" and other shell metacharacters in exec_sdbinfo and other unspecified commands, which are executed when MaxDB invokes cons.exe.
Severity
UNKNOWN
AV:N/AC:L/Au:N/C:C/I:C/A:C
Atk. Vector
NETWORK
Atk. Complexity
LOW
Base Score
CVSS 3.x
EPSS Score
Percentile: 99%
VendorProductVersion
sapmaxdb
𝑥
≤ 7.6.3_build_007
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
maxdb-7.5.00
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
ignored
feisty
ignored
edgy
ignored
dapper
ignored