Urgent from Sybase: Possible security vulnerabilities in M-Business Anywhere 6.7 and 7.0.
Summary: M-Business Anywhere server contains two potential security vulnerabilities. The vulnerabilities affect M-Business Anywhere server 6.7 (earlier than Windows Build255, SunOS Build257, Linux Build256) and 7.0 (earlier than Windows Build669, SunOS Build670, Linux Build671). Sybase strongly recommends that customers upgrade to the latest M-Business Anywhere server as soon as possible.
This document contains the following sections:
- Customer Alert
These vulnerabilities affect M-Business Anywhere server 6.7 (earlier than Windows Build255, SunOS Build257, Linux Build256) and 7.0 (earlier than Windows Build669, SunOS Build670, Linux Build671) and all earlier versions. These vulnerabilities affect all installations of the affected versions. It is not possible to work around these issues. These vulnerabilities have the potential to allow unauthorized users to have elevated access rights.
Customers are advised to install the latest M-Business Anywhere server with patches.
Versions of M-Business Anywhere from 6.7 ESD# 3, and 7.0 ESD# 7 contain the fixes to correct the issues.
Sybase is tracking these issues under Bug ID# 678497, 678499.
These Bug IDs are fixed in the following EBFs.
|EBF# (ESD# 3)
||EBF# (ESD# 7)
|Windows (x86) 32-bit
|Sun Solaris (x86) 32-bit
|Sun Solaris (x86) 64-bit
|Linux (x86) 32-bit
EBFs are obtained from the Sybase EBFs and Maintenance site.
Follow the instructions in the EBF cover letter to install the EBF.
If you require further assistance please contact your local support center. The contact numbers can be found in the About Support section under Support & Services at the www.sybase.com website.
Copyright © 2011 Sybase, Inc. All rights reserved.