Title : Sybase SQL Anywhere Multiple Remote Buffer Overflow Vulnerabilities VUPEN ID : VUPEN/ADV-2008-0626 CVE ID : CVE-2008-0912
Rated as : Critical
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2008-02-21
Technical Description
Multiple vulnerabilities have been identified in Sybase SQL Anywhere, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. These issues are caused by buffer overflow errors in the MobiLink component when processing overly long data (username, version or remote ID) sent to port 2439/TCP, which could be exploited by remote unauthenticated attackers to crash an affected application or execute arbitrary code.
