Sybase NNTP forums - End Of Life (EOL)

The NNTP forums from Sybase - forums.sybase.com - are now closed.

All new questions should be directed to the appropriate forum at the SAP Community Network (SCN).

Individual products have links to the respective forums on SCN, or you can go to SCN and search for your product in the search box (upper right corner) to find your specific developer center.

Where to report security vulnerabilities

4 posts in General Discussion Last posting was on 2011-10-23 14:26:12.0Z
Martin Rakhmanov Posted on 2011-10-23 13:23:44.0Z
From: Martin Rakhmanov <martin.rakhmanov@gmail.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.23) Gecko/20110920 Lightning/1.0b2 Thunderbird/3.1.15
MIME-Version: 1.0
Newsgroups: sybase.public.ase.general
Subject: Where to report security vulnerabilities
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
NNTP-Posting-Host: vip152.sybase.com
X-Original-NNTP-Posting-Host: vip152.sybase.com
Message-ID: <4ea41560$1@forums-1-dub>
Date: 23 Oct 2011 06:23:44 -0700
X-Trace: forums-1-dub 1319376224 10.22.241.152 (23 Oct 2011 06:23:44 -0700)
X-Original-Trace: 23 Oct 2011 06:23:44 -0700, vip152.sybase.com
Lines: 5
Path: forums-1-dub!not-for-mail
Xref: forums-1-dub sybase.public.ase.general:30636
Article PK: 73527

Hello

Where do I report security vulnerabilities found in Sybase ASE?

Thanks


"Mark A. Parsons" <iron_horse Posted on 2011-10-23 13:35:56.0Z
From: "Mark A. Parsons" <iron_horse@no_spamola.compuserve.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7
MIME-Version: 1.0
Newsgroups: sybase.public.ase.general
Subject: Re: Where to report security vulnerabilities
References: <4ea41560$1@forums-1-dub>
In-Reply-To: <4ea41560$1@forums-1-dub>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
NNTP-Posting-Host: vip152.sybase.com
X-Original-NNTP-Posting-Host: vip152.sybase.com
Message-ID: <4ea4183c$1@forums-1-dub>
Date: 23 Oct 2011 06:35:56 -0700
X-Trace: forums-1-dub 1319376956 10.22.241.152 (23 Oct 2011 06:35:56 -0700)
X-Original-Trace: 23 Oct 2011 06:35:56 -0700, vip152.sybase.com
Lines: 12
Path: forums-1-dub!not-for-mail
Xref: forums-1-dub sybase.public.ase.general:30639
Article PK: 73530

Open a case with Sybase tech support.

Tech support will (obviously?) require details so that they can verify/refute the vulnerability; assuming a
vulnerability tech support can then get the appropriate engineering resources involved to address the vulnerability.

On 10/23/2011 09:23, Martin Rakhmanov wrote:
> Hello
>
> Where do I report security vulnerabilities found in Sybase ASE?
>
> Thanks


Martin Rakhmanov Posted on 2011-10-23 13:55:24.0Z
From: Martin Rakhmanov <martin.rakhmanov@gmail.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.23) Gecko/20110920 Lightning/1.0b2 Thunderbird/3.1.15
MIME-Version: 1.0
Newsgroups: sybase.public.ase.general
Subject: Re: Where to report security vulnerabilities
References: <4ea41560$1@forums-1-dub> <4ea4183c$1@forums-1-dub>
In-Reply-To: <4ea4183c$1@forums-1-dub>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
NNTP-Posting-Host: vip152.sybase.com
X-Original-NNTP-Posting-Host: vip152.sybase.com
Message-ID: <4ea41ccc$1@forums-1-dub>
Date: 23 Oct 2011 06:55:24 -0700
X-Trace: forums-1-dub 1319378124 10.22.241.152 (23 Oct 2011 06:55:24 -0700)
X-Original-Trace: 23 Oct 2011 06:55:24 -0700, vip152.sybase.com
Lines: 18
Path: forums-1-dub!not-for-mail
Xref: forums-1-dub sybase.public.ase.general:30640
Article PK: 73531

I have to buy support contract to report a vulnerability?

On 10/23/2011 9:35 AM, Mark A. Parsons wrote:
> Open a case with Sybase tech support.
>
> Tech support will (obviously?) require details so that they can
> verify/refute the vulnerability; assuming a vulnerability tech support
> can then get the appropriate engineering resources involved to address
> the vulnerability.
>
>
> On 10/23/2011 09:23, Martin Rakhmanov wrote:
>> Hello
>>
>> Where do I report security vulnerabilities found in Sybase ASE?
>>
>> Thanks


"Mark A. Parsons" <iron_horse Posted on 2011-10-23 14:26:12.0Z
From: "Mark A. Parsons" <iron_horse@no_spamola.compuserve.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.13) Gecko/20101207 Lightning/1.0b2 Thunderbird/3.1.7
MIME-Version: 1.0
Newsgroups: sybase.public.ase.general
Subject: Re: Where to report security vulnerabilities
References: <4ea41560$1@forums-1-dub> <4ea4183c$1@forums-1-dub> <4ea41ccc$1@forums-1-dub>
In-Reply-To: <4ea41ccc$1@forums-1-dub>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
NNTP-Posting-Host: vip152.sybase.com
X-Original-NNTP-Posting-Host: vip152.sybase.com
Message-ID: <4ea42404$1@forums-1-dub>
Date: 23 Oct 2011 07:26:12 -0700
X-Trace: forums-1-dub 1319379972 10.22.241.152 (23 Oct 2011 07:26:12 -0700)
X-Original-Trace: 23 Oct 2011 07:26:12 -0700, vip152.sybase.com
Lines: 32
Path: forums-1-dub!not-for-mail
Xref: forums-1-dub sybase.public.ase.general:30641
Article PK: 73532

Have you tried calling tech support and explaining to them your situation? (Granted, depending on who you get to answer
the call you may not get very far, but you won't know until you try.)

Other options ...

Setup a free account @ sybase.com, log into Support > Case Management, and from the left-side menu select 'create bug
report case'. (There may be other menu options that apply to your situation but I'm not working with a sybase login
without a support contract.)

Post your same message to the ISUG forum ... then wait to see if someone from Sybase responds to your newsgroup and/or
ISUG postings.

On 10/23/2011 09:55, Martin Rakhmanov wrote:
> I have to buy support contract to report a vulnerability?
>
> On 10/23/2011 9:35 AM, Mark A. Parsons wrote:
>> Open a case with Sybase tech support.
>>
>> Tech support will (obviously?) require details so that they can
>> verify/refute the vulnerability; assuming a vulnerability tech support
>> can then get the appropriate engineering resources involved to address
>> the vulnerability.
>>
>>
>> On 10/23/2011 09:23, Martin Rakhmanov wrote:
>>> Hello
>>>
>>> Where do I report security vulnerabilities found in Sybase ASE?
>>>
>>> Thanks
>