EUVD-2013-7024

Malware in sbrugna...

Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers

A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in...

Newly Patched SAP ASE Flaws Could Let Attackers Hack Database Servers

A new set of critical vulnerabilities uncovered in SAP's Sybase database software can grant unprivileged attackers complete control over a targeted database and even the underlying operating system in certain scenarios. The six flaws, disclosed by cybersecurity firm Trustwave today, reside in...

Sybase ASE Login Possible

Binary data sybaselogin.nbin...

Security Bulletin: Vulnerabilities in IBM Tivoli Composite Application Manager Agent for Sybase ASE with potential for privilege escalation (CVE-2013-5467)

Summary Privilege escalation vulnerability in the IBM Tivoli Composite Application Manager Agent for Sybase ASE could be exploited by a local user to gain elevated privilege of another user. Vulnerability Details CVEID: CVE-2013-5467 Description: Privilege escalation vulnerability could be...

CVE-2013-7245

The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859...

CVE-2013-7245

The Backup Server component in SAP Sybase ASE 15.7 before SP51 allows remote attackers to bypass access restrictions and perform database dumps by leveraging failure to validate credentials, aka SAP Security Note 1927859...

CVE-2013-7245

The CVE-2013-7245 issue affects SAP Sybase ASE 15.7 Backup Server component prior to SP51. The root cause is a failure to validate credentials, allowing remote attackers to bypass access restrictions and perform database dumps. Impact is exposure of data via unauthorized dumps; no exploitation de...

Qualys Policy Compliance Notification: Policy Library Update

Qualys’ library of built-in policies makes it easy to comply with the security standards and regulations that are most commonly used and adhered to. Qualys provides a wide range of policies, including many that have been certified by CIS as well as the ones based on security guidelines from vendo...

Sql injection

SQL injection vulnerability in SAP Adaptive Server Enterprise Sybase ASE allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Note 2113333. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2015-1310

SQL injection vulnerability in SAP Adaptive Server Enterprise Sybase ASE allows remote attackers to execute arbitrary SQL commands via unspecified vectors, aka SAP Note 2113333. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information...

CVE-2013-6865

SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR732989...

CVE-2013-6861

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors...

CVE-2013-6862

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ASE before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote attackers to cause a denial of service via unspecified vectors...

CVE-2013-6863

SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to gain privileges via unspecified vectors...

Authorization

SAP Sybase Adaptive Server Enterprise ASE before 15.0.3 ESD4.3. 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 does not properly perform authorization, which allows remote authenticated users to gain privileges via unspecified vectors...

CVE-2013-6865

SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to execute arbitrary code via unspecified vectors, aka CR732989...

CVE-2013-6868

SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors...

CVE-2013-6861

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ASE 15.0.3 before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows local users to obtain sensitive information via unspecified vectors...

CVE-2013-6860

Unspecified vulnerability in SAP Sybase Adaptive Server Enterprise ASE before 15.0.3 ESD4.3, 15.5 before 15.5 ESD5.3, and 15.7 before 15.7 SP50 or 15.7 SP100 allows remote authenticated users to obtain sensitive information via unspecified vectors...