Vulnerabilities > CVE-2011-2475 - Use of Externally-Controlled Format String vulnerability in Sybase Onebridge Mobile Data Suite 5.5/5.6

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Format string vulnerability in ECTrace.dll in the iMailGateway service in the Internet Mail Gateway in OneBridge Server and DMZ Proxy in Sybase OneBridge Mobile Data Suite 5.5 and 5.6 allows remote attackers to execute arbitrary code via format string specifiers in unspecified string fields, related to authentication logging.

Vulnerable Configurations

Part Description Count
Application
Sybase
2

Common Attack Pattern Enumeration and Classification (CAPEC)

  • Format String Injection
    An attacker includes formatting characters in a string input field on the target application. Most applications assume that users will provide static text and may respond unpredictably to the presence of formatting character. For example, in certain functions of the C programming languages such as printf, the formatting character %s will print the contents of a memory location expecting this location to identify a string and the formatting character %n prints the number of DWORD written in the memory. An attacker can use this to read or write to memory locations or files, or simply to manipulate the value of the resulting text in unexpected ways. Reading or writing memory may result in program crashes and writing memory could result in the execution of arbitrary code if the attacker can write to the program stack.
  • String Format Overflow in syslog()
    This attack targets the format string vulnerabilities in the syslog() function. An attacker would typically inject malicious input in the format string parameter of the syslog function. This is a common problem, and many public vulnerabilities and associated exploits have been posted.

Seebug

bulletinFamilyexploit
descriptionCVE ID: CVE-2011-2475 Sybase OneBridge Mobile Data Suite是帮助企业在多种移动设备上扩展应用到一线雇员的灵活移动解决方案。 Sybase OneBridge Mobile Data Suite在实现上存在格式字符串远程代码执行漏洞,远程攻击者可利用此漏洞在服务器进程中执行任意代码。 此漏洞源于默认在TCP端口993(IMAP)和端口587(SMTP)上监听加密请求的iMailGatewayService服务器进程 (ECTrace.dll)中。进程在转到身份验证登录函数之前没有正确过滤畸形用户字符串输入。 Sybase Sybase OneBridge Mobile Data Suite 厂商补丁: Sybase ------ 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.sybase.com/detail?id=1092074
idSSV:20612
last seen2017-11-19
modified2011-06-15
published2011-06-15
reporterRoot
titleSybase OneBridge Mobile Data Suite格式字符串远程代码执行漏洞