MidnightBSD

Advisories for sybase

CVE-1999-0695 MEDIUM

The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (dot dot) attack.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase powerdynamo 3.0.652
CVE-2001-0599 MEDIUM

Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to port 2638.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase adaptive_server_anywhere *
CVE-2002-1861 MEDIUM

Sybase Enterprise Application Server 4.0, when running on Windows, allows remote attackers to retrieve files in the WEB-INF directory, which contains Java class files and configuration information, via a request to the WEB-INF directory with a trailing dot ("WEB-INF.").

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase easerver 4.0
CVE-2002-2250 HIGH

Multiple buffer overflows in Sybase Adaptive Server 12.0 and 12.5 allow remote attackers to execute arbitrary code via (1) a long parameter to the xp_freedll extended stored procedure or (2) a long database name argument to the DBCC CHECKVERIFY function.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-119,

Products Affected

Vendor Product Version
sybase adaptive_server 12.0
sybase adaptive_server 12.5
CVE-2003-0327 MEDIUM

Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 12.5
CVE-2005-0441 HIGH

Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or (4) a crafted query plan, or remote authenticated users with database owner or "sa" role privileges to execute arbitrary code via (5) a crafted install java statement.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 12.5
sybase adaptive_server_enterprise 12.0.1
sybase adaptive_server_enterprise 11.5.1
sybase adaptive_server_enterprise 12.5.3
sybase adaptive_server_enterprise 12.0
sybase adaptive_server_enterprise 11.5
sybase adaptive_server_enterprise 11.9.2
sybase adaptive_server_enterprise 12.5.2
sybase adaptive_server_enterprise 11.03.3
CVE-2005-0942 MEDIUM

The XP Server process (xp_server) in Sybase Adaptive Server Enterprise (ASE) XP Server 12.x before 12.5.3 ESD#1 allows attackers to cause a denial of service (process crash) via malformed data sent to the XP Server TCP port.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 12.5
sybase adaptive_server_enterprise 12.0.1
sybase adaptive_server_enterprise 11.5.1
sybase adaptive_server_enterprise 12.5.3
sybase adaptive_server_enterprise 12.0
sybase adaptive_server_enterprise 11.5
sybase adaptive_server_enterprise 11.9.2
sybase adaptive_server_enterprise 12.5.2
sybase adaptive_server_enterprise 11.03.3
CVE-2005-2297 MEDIUM

Stack-based buffer overflow in TreeAction.do in Sybase EAServer 4.2.5 through 5.2 allows remote authenticated users to execute arbitrary code via a large javascript parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase easerver 4.2.5
sybase easerver 5.2
sybase easerver 5.1
sybase easerver 5.0
CVE-2006-1829 MEDIUM

EAServer Manager in Sybase EAServer 5.2 and 5.3 allows remote authenticated users, possibly guests, to obtain password credentials of arbitrary users via unspecified vectors involving (1) connection caches, (2) open password prompts, and (3) stored custom connection profiles.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase easerver 5.2
sybase easerver 5.3
CVE-2006-1997 LOW

Unspecified vulnerability in Sybase Pylon Anywhere groupware synchronization server before 7.0 allows local users to obtain sensitive information such as email and PIM data of another user via unknown attack vectors.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
sybase pylon_anywhere 6.4.8
sybase pylon_anywhere 5.5.4
sybase pylon_anywhere 6.4.2
sybase pylon_anywhere 6.2.1
sybase pylon_anywhere 6.4.9
sybase pylon_anywhere 6.3.2
CVE-2006-2539 LOW

Sybase EAServer 5.0 for HP-UX Itanium, 5.2 for IBM AIX, HP-UX PA-RISC, Linux x86, and Sun Solaris SPARC, and 5.3 for Sun Solaris SPARC does not properly protect passwords when they are being entered via the GUI, which allows local users to obtain the cleartext passwords via the getSelectedText function in javax.swing.JPasswordField component.

CVSS 2.0

Severity: LOW

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase easerver 5.2
sybase easerver 5.3
sybase easerver 5.0
CVE-2006-3667 HIGH

Unspecified vulnerability in Sybase/Financial Fusion Consumer Banking Suite versions before 20060706 has unknown impact and remote attack vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
sybase financial_fusion_consumer_banking_solution *
CVE-2011-0496 HIGH

Unspecified vulnerability in Sybase EAServer 5.x and 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to install arbitrary web services and execute arbitrary code, related to a "design vulnerability."

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
sybase easerver 5.2.1
sybase sybase_workspace 1.7
sybase easerver 6.2
sybase sybase_workspace 1.5
sybase sybase_workspace 2.5
sybase easerver 6.3
sybase appeon_for_powerbuilder 6.5
sybase sybase_workspace 2.0
sybase appeon_for_powerbuilder 2.7
sybase sybase_workspace 1.0
sybase appeon_for_powerbuilder 6.2
sybase sybase_workspace 2.1
sybase easerver 5.0.1
sybase easerver 5.2
sybase sybase_workspace 2.1.2
sybase easerver 5.1
sybase easerver 6.3.1
sybase sybase_workspace 2.0.1
sybase easerver 6.0.2
sybase replication_server 15.2
sybase easerver 5.0
sybase appeon_for_powerbuilder 2.8
sybase sybase_workspace 2.0.2
sybase appeon_for_powerbuilder 2.5
sybase easerver 6.0
sybase sybase_workspace 1.6
sybase sybase_workspace *
sybase easerver 5.5
sybase easerver 5.3
sybase replication_server *
sybase appeon_for_powerbuilder 6.0
sybase appeon_for_powerbuilder 2.6
sybase appeon_for_powerbuilder 6.1
sybase easerver 6.1
CVE-2011-0497 HIGH

Directory traversal vulnerability in Sybase EAServer 6.x before 6.3 ESD#2, as used in Appeon, Replication Server Messaging Edition (RSME), and WorkSpace, allows remote attackers to read arbitrary files via "../\" (dot dot forward-slash backslash) sequences in a crafted request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
sybase easerver 5.2.1
sybase sybase_workspace 1.7
sybase easerver 6.2
sybase sybase_workspace 1.5
sybase sybase_workspace 2.5
sybase easerver 6.3
sybase appeon_for_powerbuilder 6.5
sybase sybase_workspace 2.0
sybase appeon_for_powerbuilder 2.7
sybase sybase_workspace 1.0
sybase appeon_for_powerbuilder 6.2
sybase sybase_workspace 2.1
sybase easerver 5.0.1
sybase easerver 5.2
sybase sybase_workspace 2.1.2
sybase easerver 5.1
sybase easerver 6.3.1
sybase sybase_workspace 2.0.1
sybase easerver 6.0.2
sybase replication_server 15.2
sybase easerver 5.0
sybase appeon_for_powerbuilder 2.8
sybase sybase_workspace 2.0.2
sybase appeon_for_powerbuilder 2.5
sybase easerver 6.0
sybase sybase_workspace 1.6
sybase sybase_workspace *
sybase easerver 5.5
sybase easerver 5.3
sybase replication_server *
sybase appeon_for_powerbuilder 6.0
sybase appeon_for_powerbuilder 2.6
sybase appeon_for_powerbuilder 6.1
sybase easerver 6.1
CVE-2011-2474 MEDIUM

Directory traversal vulnerability in the HTTP Server in Sybase EAServer 6.3.1 Developer Edition allows remote attackers to read arbitrary files via a /.\../\../\ sequence in a path.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
sybase easerver 6.3.1
CVE-2011-2475 HIGH

Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields, related to authentication logging.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-134,

Products Affected

Vendor Product Version
sybase onebridge_mobile_data_suite 5.5
sybase onebridge_mobile_data_suite 5.6
CVE-2011-5078 MEDIUM

The web administration interface in the server in Sybase M-Business Anywhere 6.7 before ESD# 3 and 7.0 before ESD# 7 does not require admin authentication for unspecified scripts, which allows remote authenticated users to list or delete user accounts, modify passwords, or read log files via HTTP requests, aka Bug IDs 678497 and 678499.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sybase m-business_anywhere 6.7
sybase m-business_anywhere 7.0
CVE-2013-6025 MEDIUM

The XMLParse procedure in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 ESD 2 allows remote authenticated users to read arbitrary files via a SQL statement containing an XML document with an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-94,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.7
CVE-2013-6245 HIGH

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise *
CVE-2013-6859 HIGH

SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3. 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 does not properly perform authorization, which allows remote authenticated users to gain privileges via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-287,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2013-6860 MEDIUM

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2013-6861 MEDIUM

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2013-6862 HIGH

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a denial of service via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2013-6863 HIGH

SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to gain privileges via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2013-6864 MEDIUM

Directory traversal vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to affect confidentiality, integrity, and availability via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2013-6865 HIGH

SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR732989.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2013-6866 HIGH

SAP Sybase Adaptive Server Enterprise (ASE) before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR736689.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-94,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2013-6867 HIGH

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise (ASE) 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a denial of service via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-noinfo,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.7
CVE-2013-6868 HIGH

SAP Sybase Adaptive Server Enterprise (ASE) 15.0.3 before 15.0.3 ESD#4.3, 15.5 before 15.5 ESD#5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-200,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2013-7245 MEDIUM

The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-285,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.7
CVE-2014-6283 MEDIUM

SAP Adaptive Server Enterprise (ASE) 15.7 before SP122 or SP63, 15.5 before ESD#5.4, and 15.0.3 before ESD#4.4 does not properly restrict access, which allows remote authenticated database users to (1) overwrite the master encryption key or (2) trigger a buffer overflow via a crafted RPC message to the hacmpmsgxchg function, and possibly other vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 15.5
sybase adaptive_server_enterprise 15.0.3
sybase adaptive_server_enterprise 15.7
CVE-2014-6284 HIGH

SAP Adaptive Server Enterprise (ASE) before 15.7 SP132 and 16.0 before 16.0 SP01 allows remote attackers to bypass the challenge and response mechanism and obtain access to the probe account via a crafted response, aka SAP Security Note 2113995.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 16.0
sybase adaptive_server_enterprise *
CVE-2015-1310 HIGH

SQL injection vulnerability in SAP Adaptive Server Enterprise (Sybase ASE) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Note 2113333. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise *
CVE-2016-7402 HIGH

SAP ASE 16.0 SP02 PL03 and prior versions allow attackers who own SourceDB and TargetDB databases to elevate privileges to sa (system administrator) via dbcc import_sproc SQL injection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-264,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise *
CVE-2017-5371 MEDIUM

Odata Server in SAP Adaptive Server Enterprise (ASE) 16 allows remote attackers to cause a denial of service (process crash) via a series of crafted requests, aka SAP Security Note 2330422.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-20,

Products Affected

Vendor Product Version
sybase adaptive_server_enterprise 16.0