CVE-2006-2547 Information

Description

Unspecified vulnerability in the sapdba command in SAP with Informix before 700 and 700 up to patch 100 allows local users to execute arbitrary commands via unknown vectors related to \insecure environment variable\ handling.

Reference

http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/046130.html http://secunia.com/advisories/20180 http://securityreason.com/securityalert/941 http://securitytracker.com/id?1016122 http://www.cybsec.com/vuln/CYBSEC_Security_Pre-Advisory_Local_Privilege_Escalation_in_SAP_sapdba_Command.pdf http://www.securityfocus.com/archive/1/434534/30/4890/threaded http://www.securityfocus.com/bid/18028 http://www.vupen.com/english/advisories/2006/1861 https://exchange.xforce.ibmcloud.com/vulnerabilities/26526