lserver in SAP DB 7.3 and earlier uses the current working directory to find and execute the lserversrv program, which allows local users to gain privileges with a malicious lserversrv that is called from a directory that has a symlink to the lserver program.
Score: 0.0
Priority: Unclassified
Score: 0.00281
Percentile:
0.51118
CVSS v2 Score: 7.2
Severity: