Sybase ASE attrib_valid Function Overflow

2005-04-05T23:53:26
ID OSVDB:15198
Type osvdb
Reporter NGSSoftware Insight Security Research(nisr@nextgenss.com)
Modified 2005-04-05T23:53:26

Description

Vulnerability Description

A remote overflow exists in Sybase Adaptive Server Enterprise attrib_valid function. The function fails to check input during internal parsing resulting in a buffer overflow. With a specially crafted request, an attacker can execute the code of their choice in the security context of the Sybase database server process resulting in a loss of integrity.

In order for this condition to be exploited an authenticated connection to ASE must exist.

Solution Description

Upgrade to version 12.5.3 ESD #1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

A remote overflow exists in Sybase Adaptive Server Enterprise attrib_valid function. The function fails to check input during internal parsing resulting in a buffer overflow. With a specially crafted request, an attacker can execute the code of their choice in the security context of the Sybase database server process resulting in a loss of integrity.

In order for this condition to be exploited an authenticated connection to ASE must exist.

References:

Vendor URL: http://www.sybase.com/ Vendor Specific News/Changelog Entry: http://www.sybase.com/detail?id=1034752 Vendor Specific News/Changelog Entry: http://www.sybase.com/detail?id=1034520 Related OSVDB ID: 15326 Related OSVDB ID: 15199 Related OSVDB ID: 15327 Related OSVDB ID: 15328 Mail List Post: http://archives.neohapsis.com/archives/vulnwatch/2005-q2/0002.html Keyword: Adaptive Server Enterprise Keyword: #NISR05042005 CVE-2005-0441