Intrusion Prevention

Sybase.SQL.Anywhere.MobiLink.Strings.Remote.Buffer.Overflow

Description

This indicates an attempt to exploit a Buffer Overflow vulnerability in Sybase MobiLink.
The vulnerability is caused by a buffer overflow error in the MobiLink component, when processing overly long data (username, version or remote ID) sent to port 2439/TCP. It can be exploited by remote unauthenticated attackers to crash the application or execute arbitrary code.

Affected Products

Sybase MobiLink 10.0.1.3629

Impact

System Compromise: Remote code execution.
Denial of service.

Recommended Actions

Currently we are not aware of any vendor supplied patch for this issue.

CVE References

CVE-2008-0912