Sybase Business Intelligence Solutions - Database Management, Data Warehousing Software, Mobile Enterprise Applications and Messaging
Sybase Brand Color Bar
delete

Search for    in all of Sybase.com
view all search results right arrow
  blank
 
 
 
 
 
 
 
 
 
 
Support > Technical Documents > Document Types > Urgent Notice > Possible security vulnerability Pylon Anywhere

Possible security vulnerability Pylon Anywhere

There is vulnerability in all versions of Pylon Anywhere prior to v7.0 that allows a person with knowledge of the vulnerability, and with a valid account on a Pylon Anywhere server, to access the email and PIM data of another user on the server.
 
RSS Feed
 
 
 

Urgent from Sybase: Possible security vulnerability Pylon Anywhere

Summary: There is vulnerability in Pylon Anywhere that allows a person with knowledge of the vulnerability, and with a valid account on a Pylon Anywhere server, to access the email and PIM data of another user on the server.


Contents

This document contains the following sections:

  • Customer Alert
  • Recommendation

Customer Alert

Sybase has identified a security vulnerability in its Pylon Anywhere groupware synchronization server. The vulnerability is such that a person with knowledge of the vulnerability, and with a valid account on a Pylon Anywhere server, can access the email and PIM data of another user on the server.

No customer or user data is known to have been compromised because of this vulnerability, which was discovered in testing.

The vulnerability exists in all versions of Pylon Anywhere prior to v7.0

Solution: Install the released patch; or upgrade to a version that is not affected. The patch has no effect on the behavior of Pylon Anywhere other than to address the security vulnerability. Patches have been released for the following Pylon Anywhere versions:

  • 6.4.9
  • 6.4.8
  • 6.4.2
  • 6.3.2 (on request)
  • 6.2.1
  • 5.5.4 (on request)

Recommendation

Sybase strongly recommends that customers either install the appropriate patch; or upgrade to a version of Pylon Anywhere that is not affected by this vulnerability.

The EBFs can be obtained from the Sybase EBFs and Maintenance site.

http://downloads.sybase.com/


If you require further assistance please contact your local support center. The contact numbers can be found in the About Support section under Support & Services at the www.sybase.com website.

http://www.sybase.com/contactus/support



Copyright © 2006 Sybase, Inc. All rights reserved.


 

DOCUMENT ATTRIBUTES
Last Revised: Apr 19, 2006
Product: Pylon
Hardware Platform: Windows x86
  
Business or Technical: Technical
Content Id: 1040213
Infotype: Urgent Notice
 
 
 

© Copyright 2014, Sybase Inc. - v 7.6 Home / Contact Us / Help / Jobs / Legal / Privacy / Code of Ethics