Summary
The remote database server is affected by an information disclosure vulnerability.
Description :
The remote Sybase SQL Anywhere / Adaptive Server Anywhere database is configured to listen for client connection broadcasts, which allows an attacker to see the name and port that the Sybase SQL Anywhere / Adaptive Server Anywhere server is running on.
Solution
Switch off broadcast listening via the '-sb' switch when starting Sybase.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Oracle Database 'XML DB component' Unspecified vulnerability
- Oracle MySQL Server Component 'Replication' Unspecified vulnerability Oct-2013 (Windows)
- Oracle MySQL Multiple Unspecified vulnerabilities-03 July14 (Windows)
- Oracle MySQL Server Multiple Vulnerabilities-02 Nov12 (Windows)
- IBM DB2 'REPEAT()' Heap Buffer Overflow Vulnerability