CVE-2008-1810

Name of the Vulnerable Software and Affected Versions SAP MaxDB version 7.6.03.15

Description The issue is related to an untrusted search path vulnerability in the dbmsrv component of SAP MaxDB. This vulnerability allows local users to gain privileges by modifying the PATH environment variable.

Recommendations For SAP MaxDB version 7.6.03.15, consider restricting access to the dbmsrv component until a patch is available. As a temporary workaround, avoid using modified PATH environment variables to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.