SAP Adaptive Server Enterprise (ASE) Multiple Vulnerabilities Fixed by September 2016 Patch Day


Description   Several SQL injection vulnerabilities were reported in SAP Adaptive Server Enterprise (ASE). An authenticated remote attacker could exploit them by using URLs that include specially crafted SQL statements in order to modify or delete entries in some database tables, elevate their privileges, access data, or execute arbitrary commands on the operating system. No further information is available.
     
Vulnerable Products   Vulnerable Software:
Adaptive Server Enterprise (Sybase) -
     
Solution   SAP has released the 2358986 and 2353243 security notes for Adaptive Server Enterprise (ASE) in order to fix these vulnerabilities.
     
CVE  
     
References   - SAP : Cyber Threat Intelligence report - September 2016
http://scn.sap.com/community/security/blog/2016/09/14/sap-cyber-threat-intelligence-report-september-2016
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm   Available Since
SQL injection Prevention - GET : suspicious OR statement in URL   3.2.0
SQL injection Prevention - GET : suspicious combination of 'OR' or 'AND' statements in URL   3.2.0
SQL injection Prevention - GET : suspicious CREATE statement in URL   3.2.0
SQL injection Prevention - GET : suspicious CAST statement in URL   3.2.0
SQL injection Prevention - GET : suspicious OPENROWSET statement in URL   3.2.0
SQL injection Prevention - GET : suspicious DECLARE statement in URL   3.2.0
SQL injection Prevention - GET : suspicious OPENQUERY statement in URL   3.2.0
SQL injection Prevention - GET : suspicious shutdown statement in URL   3.2.0
SQL injection Prevention - GET : suspicious UNION SELECT statement in URL   3.2.0
SQL injection Prevention - GET : possible database version probing   3.2.0
SQL injection Prevention - GET : suspicious UPDATE SET statement in URL   3.2.0
SQL injection Prevention - GET : suspicious SELECT statement in URL   3.2.0
SQL injection Prevention - GET : suspicious INSERT statement in URL   3.2.0
SQL injection Prevention - GET : suspicious DROP statement in URL   3.2.0
SQL injection Prevention - GET : suspicious EXEC statement in URL   3.2.0
SQL injection Prevention - GET : block comment delimiters in URL   3.2.0
SQL injection Prevention - GET : suspicious combination of 'select' and 'sleep' statements in URL   5.0.0
SQL injection Prevention - GET : Evasion attempt with CAST and EXEC statements   5.0.0
SQL injection Prevention - GET : Authentication bypass attempt with OR statement   5.0.0
SQL injection Prevention - GET : suspicious SQL keywords in URL   5.0.0
     


 
 
 
 
 Risk level 
High 

 Vulnerability First Public Report Date 
2016-09-14 

 Target Type 
Server 

 Possible exploit 
Remote