SAP Sybase Adaptive Server Enterprise Remote Code Execution (SAP Note 1893558)

This script is Copyright (C) 2013-2016 Tenable Network Security, Inc.


Synopsis :

The version of SAP Sybase Adaptive Server Enterprise (ASE) installed on
the remote host is affected by a remove code execution vulnerability.

Description :

A buffer overflow vulnerability exists in SAP Sybase ASE. This enables
an attacker to inject code into the working memory that is subsequently
executed by the application. It can also be used to cause a general
fault in the product, causing the product to terminate.

See also :

https://service.sap.com/sap/support/notes/1893558
http://www.sybase.com/detail?id=1099371

Solution :

Apply one of the patches listed in the advisory.

Risk factor :

High / CVSS Base Score : 8.7
(CVSS2#AV:N/AC:L/Au:S/C:C/I:P/A:C)
CVSS Temporal Score : 7.6
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows

Nessus Plugin ID: 70977 ()

Bugtraq ID: 63549

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now