virus logo Intrusion Prevention

Sybase.M-Business.Anywhere.agSoap.Closing.Tag.Buffer.Overflow

description-logoDescription

This indicates an attack attempt against a Buffer Overflow vulnerability in Sybase M-Business Anywhere.
The vulnerability is due to a boundary error while "agSoap.exe" processes closing tags for "XML" entities in a "SOAP" request. It allows a remote attacker to execute arbitrary code by sending a crafted "XML" to the target service.

affected-products-logoAffected Products

Sybase M-Business Anywhere 6.x prior to 6.7 ESD# 2
Sybase M-Business Anywhere 7.x prior to 7.0 ESD# 6

Impact logoImpact

System Compromise: Remote attackers can gain control of vulnerable systems.

recomended-action-logoRecommended Actions

Refer to the vendor's website for a suggested workaround.
http://www.sybase.com/detail?id=1093029

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)

References

ZDI-11-154
ID 28154
Created Jul 22, 2011
Updated Nov 15, 2021
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
CVE ID
Default Action drop
Active
Affected OS Windows
Affected App Other