• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Sybase Adaptive Server xp_freedll Buffer Overrun Vulnerability

A vulnerability has been discovered in Sybase Adaptive Server. By passing xp_freedll a parameter of excessive length it is possible to overrun a static buffer. By overwriting memory with attacker-supplied values, it may be possible to direct program flow to execute malicious instructions.

Successful exploitation of this vulnerability would allow an attacker to execute arbitrary system commands with the privileges of the database server.