Switch to standard view 
  Sybase logo
 
 
 



Urgent from Sybase: Afaria Data Security Manager Vulnerability.

Summary: Afaria Data Security Manager on Symbian devices contains a security vulnerability that is resolved by applying a hot-fix. This vulnerability affects Afaria 6.5 Feature Pack 1 and newer as well as Afaria 6.6 GA. Sybase strongly recommends that customers update their Afaria Servers as soon as possible. The hot-fixes are available from the Afaria support area of the Sybase website.


Contents

This document contains the following sections:

  • Customer Alert
  • Recommendation

Customer Alert

A Symbian device that is locked using Afaria Data Security Manager could be accessed without entering the security login password if a particular sequence of events occurs.

This vulnerability was introduced in Afaria 6.5 Feature Pack 1. It also exists in Afaria 6.6 GA. It affects all Symbian Series 60 3rd Edition, Feature Pack 0, 1, 2 devices and 5th Edition devices.

Recommendations

Customers are advised to install the patches for the appropriate Afaria product version.

Fixed Versions

Afaria 6.5: Issue was first addressed in Afaria 6.5 Hot-fix 81 (65AfariaFx81), this requires Feature Pack 2.

Afaria 6.6: Issue was first addressed in Afaria 6.6 Hot-fix 2011-01 (66Afaria_2011_01.zip)

Downloads

Theses Afaria hot-fixes are obtained by selecting the product "Afaria" located on the technical support section of the Sybase Support Website http://www.sybase.com/support. It is recommended that the hot-fix release notes, which cover installation notes and a list of fixed issues, are thoroughly reviewed.

Tracking

Sybase has tracked this issue under defect ID 35621 and 35772.


If you require further assistance please contact your local support center. The contact numbers can be found in the About Support section under Support & Services at the www.sybase.com website.

http://www.sybase.com/contactus/support


Copyright © 2011 Sybase, Inc. All rights reserved.



Back to Top
© Copyright 2010, Sybase Inc.