CVE-2006-2547

Published: May 23, 2006Modified: Apr 16, 2026

10.0

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability: 10.0 / Impact: 10.0

Source: NVD

Description

Unspecified vulnerability in the sapdba command in SAP with Informix before 700, and 700 up to patch 100, allows local users to execute arbitrary commands via unknown vectors related to "insecure environment variable" handling.

Affected (1)

Products: Sap: Sapdba

Sap

1 product

Sapdba

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Sap Sapdba	All versions

References (18)

http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046130.html

Source: cve@mitre.org

Patch

http://secunia.com/advisories/20180

Source: cve@mitre.org

Vendor Advisory

http://securityreason.com/securityalert/941

Source: cve@mitre.org

http://securitytracker.com/id?1016122

Source: cve@mitre.org

http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Local_Privilege_Escalation_in_SAP_sapdba_Command.pdf

Source: cve@mitre.org

Patch

http://www.securityfocus.com/archive/1/434534/30/4890/threaded

Source: cve@mitre.org

http://www.securityfocus.com/bid/18028

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2006/1861

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/26526

Source: cve@mitre.org

http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046130.html