Detections
Analytics

SAP Sybase Adaptive Server Enterprise Remote Code Execution (SAP Note 1893560)

critical Nessus Plugin ID 70978

Language:

Synopsis

The version of SAP Sybase Adaptive Server Enterprise (ASE) installed on the remote host is affected by a remote code execution vulnerability.

Description

SAP Sybase Adaptive Server Enterprise (ASE) contains an unspecified flaw that may allow an authenticated, remote attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.

Solution

Apply one of the patches listed in the advisory.

See Also

https://service.sap.com/sap/support/notes/1893560

http://www.sybase.com/detail?id=1099371

Plugin Details

Severity: Critical

ID: 70978

File Name: sybase_ase_note1893560.nasl

Version: 1.9

Type: local

Agent: windows

Family: Windows

Published: 11/20/2013

Updated: 6/3/2021

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.4

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS Score Source: CVE-2013-6245

Vulnerability Information

CPE: cpe:/a:sybase:adaptive_server_enterprise

Required KB Items: SMB/Sybase_ASE/Installed

Exploit Ease: No known exploits are available

Patch Publication Date: 5/31/2013

Vulnerability Publication Date: 9/6/2013

Reference Information

CVE: CVE-2013-6245

BID: 63310

IAVA: 2013-A-0217-S