Description
Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.
Affected products
- SAP / sap_db7.3.29 – 7.3.29
- SAP / sap_db7.4.3.7_beta – 7.4.3.7_beta