TMCnet News
Application Security, Inc.'s TeamSHATTER Discovers Nine Database Vulnerabilities In Sybase Adaptive Server Enterprise (ASE) PatchNEW YORK --(Business Wire)-- Application Security, Inc. (AppSecInc), the leading provider of database security solutions for the enterprise, today announced that TeamSHATTER's Esteban Martinez Fayo and Martin Rakhmanov, both Technical Leads, have been credited by Sybase (News - Alert) for discovering and reporting nine database-related vulnerabilities. The nine patches were issued for the Adaptive Server Enterprise (ASE) and announced in an urgent customer notice on January 8. The ASE vulnerabilities range from issues that allow any local authenticated user to acquire the sa password to issues circumventing built-in Java security, allowing the execution of arbitrary code. CVSS scores range from 1.6 to 8.3. The urgent notice includes patches for Sybase ASE 15, 15.5 and 15.7. "Sybase has worked diligently to fix security flaws in the ASE line, and customers should immediately deploy these patches to ensure systems are not left open to attack," said Alex Rothacker, Director of Security Research, AppSecInc's TeamSHATTER. "It's crucial for organizations to patch databases in a timely manner. Most of the data breaches that we see could have been easily prevented by simple measures, like making sure new patches are deployed." The TeamSHATTER vulnerability knowledgebase is the largest and most up-to-date offering of its kind. By identifying and remediating critical database vulnerabilities, TeamSHATTER helps to ensure that AppSecInc customer data is safe from internal and external threats. p> AppSecInc supports Sybase patch cycles by updating its market-leading solutions, AppDetectivePro for security and risk professionals and DbProtect for the enterprise with the appropriate scanning checks and monitoring filters through its monthly ASAP Update™ (Application Security (News - Alert) Automatic Protection) process. DbProtect updates will include monitoring filters for the new security vulnerabilities, enabling customers to protect sensitive information during the deployment of new patches across their database infrastructure.
About TeamSHATTER
About Application Security, Inc. For more information, please visit: www.appsecinc.com and follow us on Twitter (News - Alert): www.twitter.com/appsecinc | http://www.twitter.com/teamshatter DbProtect and AppDetectivePro are trademarks of Application Security, Inc. All other product names, service marks, and trademarks mentioned herein are trademarks of their respective owners.
|