SAP Sybase Adaptive Server Enterprise DoS (SAP Note 1887342)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The version of SAP Sybase Adaptive Server Enterprise (ASE) installed on
the remote host is affected by a denial of service vulnerability.

Description :

An unauthenticated, remote attacker can trigger a condition in which
SAP Sybase ASE enters an endless loop, causing it to consume all of the
available processing time. This causes the entire machine to become
unresponsive until the process is terminated manually. An attacker can
use this flaw to launch a denial of service (DoS) attack.

See also :

https://service.sap.com/sap/support/notes/1887342
http://www.sybase.com/detail?id=1099371

Solution :

Apply one of the patches listed in the advisory.

Risk factor :

Medium / CVSS Base Score : 5.4
(CVSS2#AV:N/AC:H/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 4.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 70974 ()

Bugtraq ID: 63549

CVE ID: CVE-2013-6862

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now