Intrusion Prevention

Sybase.SQL.Anywhere.MobiLink.Crafted.Strings.Buffer.Overflow

Description

This indicates an attempt to exploit a buffer overflow vulnerability in Sybase MobiLink.
The vulnerability is caused by a buffer overflow error in the MobiLink component, when processing overly long data (username, version or remote ID) sent to port 2439/TCP. It can be exploited by remote unauthenticated attackers to crash the application or execute arbitrary code.

Affected Products

Sybase MobiLink 10.0.1.3629

Impact

Denial of service.
System Compromise: remote code execution.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2008-0912