Sybase M-Business Anywhere (AvantGo) gsoap Module password Tag Handling Overflow

critical Nessus Plugin ID 54618


The remote SOAP server is vulnerable to a buffer overflow attack.


The Sybase M-Business Anywhere (AvantGo) software installed on the remote host includes a SOAP server that fails to validate an XML end tag in a SOAP request, resulting in a buffer overflow.

An unauthenticated, remote attacker can exploit this to execute arbitrary code. This plugin checks for the heap overflow condition in the SOAP server by submitting a request with a long XML end tag.


Apply the appropriate patch from Sybase.

Plugin Details

Severity: Critical

ID: 54618

File Name: sybase_mbanywhere_buffer_overflow.nasl

Version: 1.10

Type: remote

Published: 5/23/2011

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information


Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

Required KB Items: Services/AvantGo-soap-server

Excluded KB Items: Settings/disable_cgi_scanning, global_settings/supplied_logins_only

Exploit Ease: No known exploits are available

Patch Publication Date: 5/9/2011

Vulnerability Publication Date: 5/9/2011

Reference Information

BID: 47775