[NEWS] Sybase EAServer Buffer Overflow
From: SecuriTeam (support_at_securiteam.com)
Date: 07/21/05
- Previous message: SecuriTeam: "[NT] sHTTP FTPServer Directory Traversal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
To: list@securiteam.com Date: 21 Jul 2005 13:30:23 +0200
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion
The SecuriTeam alerts list - Free, Accurate, Independent.
Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html
- - - - - - - - -
Sybase EAServer Buffer Overflow
------------------------------------------------------------------------
SUMMARY
"Sybase EAServer is the open application server for powering business
critical applications that provide the lowest total cost of ownership."
A buffer overflow vulnerability has been discovered in EAServer, if
exploited, this can result in user-specified code being executed under the
security context of the jagsrv.exe process.
DETAILS
Vulnerable Systems:
* Sybase EAServer versions 4.2.5 up to 5.2
After authenticating to /WebConsole/ if an attacker sets the value of the
JavaScript parameter in TreeAction.do to a large value a return address
can be overwritten due to a stack-based buffer overflow.
Patch Availability:
The issue is resolved by applying the following EBFs to the correct
platform and version. Each EBFs are available from the Sybase EBFs and
Maintenance site at <http://downloads.sybase.com/>
http://downloads.sybase.com/
Vendor Status:
Sybase was contacted on 05/05/2005.
Vendor released advisory corresponding this issue:
<http://www.sybase.com/detail?id=1036742>
http://www.sybase.com/detail?id=1036742
ADDITIONAL INFORMATION
The information has been provided by <mailto:spilabs@spidynamics.com>
David Dewey.
The original article can be found at:
<http://www.sybase.com/detail?id=1036742>
http://www.sybase.com/detail?id=1036742
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.
- Previous message: SecuriTeam: "[NT] sHTTP FTPServer Directory Traversal"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
