Sybase.M-Business.Anywhere.agSoap.Closing.Tag.Buffer.Overflow
Description
This indicates an attack attempt against a Buffer Overflow vulnerability in Sybase M-Business Anywhere.
The vulnerability is due to a boundary error while "agSoap.exe" processes closing tags for "XML" entities in a "SOAP" request. It allows a remote attacker to execute arbitrary code by sending a crafted "XML" to the target service.
Affected Products
Sybase M-Business Anywhere 6.x prior to 6.7 ESD# 2
Sybase M-Business Anywhere 7.x prior to 7.0 ESD# 6
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Refer to the vendor's website for a suggested workaround.
http://www.sybase.com/detail?id=1093029
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |