Sybase ASA Client Connection Broadcast Remote Information Disclosure vulnerability with Cabi 3.3

Document ID : KB000018228
Last Modified Date : 14/02/2018

Summary:


Sybase SQL Anywhere is the backend database for Cabi 3.3. The following vulnerability has been reported by a security/vulnerability scanner on the Cabi server:

The remote Sybase SQL Anywhere / Adaptive Server Anywhere database is configured to listen for client connection broadcasts, which allows an attacker to see the name and port that the Sybase SQL Anywhere / Adaptive Server Anywhere server is running on.


Instructions:


The following solution will help you avoid the security risk reported by the vulnerability scanner on the Cabi server.

Switch off broadcast listening via the '-sb' switch when starting Sybase.

Using -sb 0 causes the database server to not start any UDP broadcast listeners. This forces clients to use a HOST connection parameter or HOST protocol option when connecting to the database server. This also causes the database server to be unlisted when using dblocate.

Using -sb 1 causes the database server to not respond to broadcasts from dblocate, but still starts UDP listeners.

The solution is implemented using the following steps:

  1. Log on to the Cabi server.
  2. Go to services.msc and stop the Server Intelligence Agent and BOE120SQLAW services. Close the services window.
  3. Open regedit.
  4. Navigate to HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\SQLANYs_BOE120SQLAW and double click the ImagePath attribute.
  5. Its value opens in another window.
  6. Go to the end of the value and append the -sb 0 switch (separated from the existing value by a space).
  7. Click OK and close the regedit window.
  8. Open services.msc again and start the BOE120SQLAW and Server Intelligence Agent services.
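The same change applied from an elevated PowerShell prompt, as an added example that is not part of this article or of CA's tooling. It assumes the registry key and database service name given in the steps above, locates the Server Intelligence Agent service by its display name (an assumption), and checks the default SQL Anywhere port 2638 afterwards to confirm that no UDP broadcast listener remains.

```powershell
# Added example (not CA's own script): apply "-sb 0" to the SQL Anywhere
# service command line and verify that broadcast discovery is off.
# Assumptions: key/service names from the article; SIA found by display name;
# default SQL Anywhere port 2638 for the post-change check.
$ErrorActionPreference = 'Stop'

$key    = 'HKLM:\SYSTEM\ControlSet001\Services\SQLANYs_BOE120SQLAW'
$dbSvc  = Get-Service -Name 'SQLANYs_BOE120SQLAW'
$siaSvc = Get-Service -DisplayName 'Server Intelligence Agent*' |
          Select-Object -First 1

# Steps 1-2: stop the SIA first (it uses the database), then the database.
foreach ($s in @($siaSvc, $dbSvc)) {
    if ($s -and $s.Status -ne 'Stopped') { Stop-Service -Name $s.Name -Force }
}

# Steps 3-7: read ImagePath without expanding %VARS% so the value is
# written back exactly as stored, and append "-sb 0" only once.
$image = (Get-Item -Path $key).GetValue('ImagePath', $null,
                                        'DoNotExpandEnvironmentNames')
if ($image -notmatch '(^|\s)-sb\s+[01](\s|$)') {
    # keep a copy of the original value for rollback
    $image | Out-File -FilePath "$env:TEMP\SQLANYs_BOE120SQLAW.ImagePath.bak"
    $newImage = "$image -sb 0"
    Set-ItemProperty -Path $key -Name ImagePath -Value $newImage `
                     -Type ExpandString
    Write-Host "ImagePath updated: $newImage"
} else {
    Write-Host "ImagePath already carries an -sb switch: $image"
}

# Step 8: restart in the original order (database, then SIA).
Start-Service -Name $dbSvc.Name
if ($siaSvc) { Start-Service -Name $siaSvc.Name }

# Verification: with -sb 0 the server must not bind a UDP listener on 2638.
Start-Sleep -Seconds 10
$udp = Get-NetUDPEndpoint -ErrorAction SilentlyContinue |
       Where-Object { $_.LocalPort -eq 2638 }
if ($udp) {
    Write-Warning "UDP 2638 is still bound by PID $($udp.OwningProcess); re-check ImagePath."
} else {
    Write-Host 'No UDP listener on 2638: broadcast discovery is disabled.'
}
```

The regex guard makes the script safe to re-run, and the saved .bak file holds the original ImagePath if the change has to be reverted.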


Additional Information:

Risk factor: Medium / CVSS Base Score: 5.0

(CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N)