Detections
Analytics
Sybase ASA Client Connection Broadcast Remote Information Disclosure
medium Nessus Plugin ID 25926
Language:
Synopsis
The remote database server is affected by an information disclosure vulnerability.Description
The remote Sybase SQL Anywhere / Adaptive Server Anywhere database is configured to listen for client connection broadcasts, which allows an attacker to see the name and port that the Sybase SQL Anywhere / Adaptive Server Anywhere server is running on.Solution
Switch off broadcast listening via the '-sb' switch when starting Sybase.See Also
http://www.sybase.com/products/databasemanagement/sqlanywhere
Plugin Details
Severity: Medium
ID: 25926
File Name: sybase_asa_ping.nasl
Version: Revision: 1.8
Type: remote
Family: Databases
Published: 8/22/2007
Updated: 12/1/2017
Supported Sensors: Nessus
Vulnerability Information
CPE: cpe:/a:sybase:sql_anywhere