Search This Blog

Thursday, July 21, 2005

[NEWS] Sybase EAServer Buffer Overflow

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

The SecuriTeam alerts list - Free, Accurate, Independent.

Get your security news from a reliable source.
http://www.securiteam.com/mailinglist.html

- - - - - - - - -

Sybase EAServer Buffer Overflow
------------------------------------------------------------------------

SUMMARY

"Sybase EAServer is the open application server for powering business
critical applications that provide the lowest total cost of ownership."

A buffer overflow vulnerability has been discovered in EAServer, if
exploited, this can result in user-specified code being executed under the
security context of the jagsrv.exe process.

DETAILS

Vulnerable Systems:
* Sybase EAServer versions 4.2.5 up to 5.2

After authenticating to /WebConsole/ if an attacker sets the value of the
JavaScript parameter in TreeAction.do to a large value a return address
can be overwritten due to a stack-based buffer overflow.

Patch Availability:
The issue is resolved by applying the following EBFs to the correct
platform and version. Each EBFs are available from the Sybase EBFs and
Maintenance site at <http://downloads.sybase.com/>
http://downloads.sybase.com/

Vendor Status:
Sybase was contacted on 05/05/2005.
Vendor released advisory corresponding this issue:
<http://www.sybase.com/detail?id=1036742>
http://www.sybase.com/detail?id=1036742

ADDITIONAL INFORMATION

The information has been provided by <mailto:spilabs@spidynamics.com>
David Dewey.
The original article can be found at:
<http://www.sybase.com/detail?id=1036742>
http://www.sybase.com/detail?id=1036742

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

3 comments:

Anonymous said...

celine handbags for cheap
I couldn't resist commenting. Perfectly written!

Anonymous said...

louis vuitton handbags for cheap

Greetings! Very helpful advice within this article!
It's the little changes which will make the most important changes.
Many thanks for sharing!

Anonymous said...

What's up it's me, I am also visiting this web site daily, this web page
is really nice and the visitors are really sharing pleasant thoughts.


Look at my web page - Rage DNA Review