Sybase Adaptive Server Anywhere Database Engine Buffer Overflow Vulnerability

The Sybase Adaptive Server Anywhere Database Engine that is shipped with Symantec Ghost is susceptible to a buffer overflow attack via TCP port 2638. An unauthorized remote attacker may connect to port 2638, the port which the database engine listens on, and supply a buffer of approximately 45 kilobytes. Depending on the data entered, a denial of service attack could be launched or arbitrary code could be executed on the system Ghost resides.


 

Privacy Statement
Copyright 2010, SecurityFocus