Summary: M-Business Anywhere server contains two potential security vulnerabilities. The vulnerabilities affect M-Business Anywhere server 6.7 (earlier than Windows Build255, SunOS Build257, Linux Build256) and 7.0 (earlier than Windows Build669, SunOS Build670, Linux Build671). Sybase strongly recommends that customers upgrade to the latest M-Business Anywhere server as soon as possible.

Contents

This document contains the following sections:

• Customer Alert
• Recommendation

Customer Alert

These vulnerabilities affect M-Business Anywhere server 6.7 (earlier than Windows Build255, SunOS Build257, Linux Build256) and 7.0 (earlier than Windows Build669, SunOS Build670, Linux Build671) and all earlier versions. These vulnerabilities affect all installations of the affected versions. It is not possible to work around these issues. These vulnerabilities have the potential to allow unauthorized users to have elevated access rights.

Recommendations

Customers are advised to install the latest M-Business Anywhere server with patches.

Fixed Versions

Versions of M-Business Anywhere from 6.7 ESD# 3, and 7.0 ESD# 7 contain the fixes to correct the issues.

Tracking

Sybase is tracking these issues under Bug ID# 678497, 678499.

These Bug IDs are fixed in the following EBFs.

Downloads

EBFs are obtained from the Sybase EBFs and Maintenance site.

http://downloads.sybase.com/

Follow the instructions in the EBF cover letter to install the EBF.

If you require further assistance please contact your local support center. The contact numbers can be found in the About Support section under Support & Services at the www.sybase.com website.

http://www.sybase.com/contactus/support

Copyright © 2011 Sybase, Inc. All rights reserved.