Signature Detail
This site is deprecated. Please CLICK HERE for latest updates
Short Name |
HTTP:OVERFLOW:SYBASE-WEBCONSOLE |
|---|---|
Severity |
Critical |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Sybase EAServer WebConsole Buffer Overflow |
Release Date |
2005/08/16 |
Update Number |
1213 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Sybase EAServer WebConsole Buffer Overflow
This signature detects an attempt to exploit a known vulnerability in the Sybase EAServer WebConsole. Sybase EAServer versions 5.2 and earlier are vulnerable. By supplying a maliciously crafted URL request, the client can potentially execute arbitrary commands on the server with daemon permissions.
Extended Description
Sybase EAServer is affected by a remote buffer-overflow vulnerability. The vulnerability exists in the server's WebConsole. A successful attack can overflow a finite-sized buffer and ultimately lead to arbitrary code execution in the context of the 'jagsrv.exe' process. This may allow the attacker to gain elevated privileges. Note that an attacker needs to provide authentication credentials before carrying out this attack.
Affected Products
- Sybase enterprise_application_server 4.2.0
- Sybase enterprise_application_server 4.2.2
- Sybase enterprise_application_server 4.2.5
- Sybase enterprise_application_server 5.0.0
- Sybase enterprise_application_server 5.1.0
- Sybase enterprise_application_server 5.2.0
References