PT-2001-1797 · Sybase · Sybase Adaptive Server Anywhere Database Engine

Published

2001-07-27

Updated

2017-12-19

CVE-2001-0599

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions: Sybase Adaptive Server Anywhere Database Engine versions 6.0.3.2747 and earlier

Description: The issue allows a remote attacker to create a denial of service by sending large amounts of data to port 2638. This can be achieved by sending more than 45Kb of data to the specified port.

Recommendations: For Sybase Adaptive Server Anywhere Database Engine versions 6.0.3.2747 and earlier, restrict access to port 2638 to minimize the risk of exploitation. As a temporary workaround, consider limiting the amount of data that can be sent to this port until a fix is available.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2001-0599

Affected Products

Sybase Adaptive Server Anywhere Database Engine

PT-2001-1797 · Sybase · Sybase Adaptive Server Anywhere Database Engine

CVE-2001-0599

Related Identifiers

Affected Products

References · 4