Sybase EAServer 6.3.1 < 6.3.1.07 Build 63107 / 6.2 < 220.127.116.11 Build 62012 Multiple Vulnerabilities
Critical Nessus Network Monitor Plugin ID 6895
SynopsisThe remote application server is affected by multiple vulnerabilities.
DescriptionThe version of Sybase EAServer installed on the remote host is earlier than 6.3.1.07 Build 63107 or 6.2 earlier 18.104.22.168 Build 62012. As such, it is potentially affected by multiple vulnerabilities :
- An unspecified error can be exploited to access otherwise inaccessible, deployed applications.
- An unspecified error can be exploited to disclose contents of arbitrary directories and files.
- An unspecified error within the WSH service can be exploited to disclose certain credentials from unspecified configuration files and execute arbitrary OS commands.
Note that the second and third issues only affect version 6.3.1 of EAServer.
SolutionUpgrade to Sybase EAServer 22.214.171.124 Build 62012 / 6.3.1.07 Build 63107 or later.