CVE-2008-0306

sdbstarter in SAP MaxDB 7.6.0.37, and possibly other versions, allows local users to execute arbitrary commands by using unspecified environment variables to modify configuration settings.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.9 UNKNOWN
LOCAL
MEDIUM
AV:L/AC:M/Au:N/C:C/I:C/A:C
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 15%
VendorProductVersion
sapmaxdb
7.6.0.37
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
maxdb-7.5.00
karmic
dne
jaunty
dne
intrepid
dne
hardy
dne
gutsy
ignored
feisty
ignored
edgy
ignored
dapper
ignored
References
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=670
http://secunia.com/advisories/29312
http://www.securityfocus.com/bid/28185
http://www.securitytracker.com/id?1019570
http://www.vupen.com/english/advisories/2008/0844/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41104
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=670
http://secunia.com/advisories/29312
http://www.securityfocus.com/bid/28185
http://www.securitytracker.com/id?1019570
http://www.vupen.com/english/advisories/2008/0844/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/41104