Sybase ASE Password Array Heap Overflow Vulnerability

November 21, 2003

[From Secunia Stay Secure]

A vulnerability has been identified in Sybase ASE (Adaptive Server Enterprise), which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise a vulnerable system.

The vulnerability is caused due to a boundary error when handling remote password arrays. This can be exploited to cause a heap overflow by supplying a remote password array with invalid lengths. Reportedly, execution of arbitrary code is not believed possible but cannot be ruled out completely.

The article continues at

The Network for Technology Professionals



Legal Notices, Licensing, Permissions, Privacy Policy.
Advertise | Newsletters | E-mail Offers