Intrusion Prevention

Sybase.EAServer.WebConsole.Buffer.Overflow

Description

This indicates an attack attempt against a buffer-overflow vulnerability in Sybase EAServer.
The vulnerability is caused by an error when the vulnerable software handles large JavaScript parameter that could allow remote attacker to execute arbitrary code.

Affected Products

Sybase Enterprise Application Server 5.2
Sybase Enterprise Application Server 5.1
Sybase Enterprise Application Server 5.0
Sybase Enterprise Application Server 4.2.5
Sybase Enterprise Application Server 4.2.2
Sybase Enterprise Application Server 4.2

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply patch, available from the web site:
http://www.sybase.com/detail?id=1036742

CVE References

CVE-2005-2297