Sybase SQL Anywhere is the backend database for Cabi 3.3. The following vulnerability has been reported by a security/vulnerability scanner on the Cabi server:
The remote Sybase SQL Anywhere / Adaptive Server Anywhere database is configured to listen for client connection broadcasts, which allows an attacker to see the name and port that the Sybase SQL Anywhere / Adaptive Server Anywhere server is running on.
The following solution will help you avoid the security risk reported by the vulnerability scanner on the Cabi server:
Switch off broadcast listening via the '-sb' switch when starting Sybase.
Using -sb 0 causes the database server to not start any UDP broadcast listeners. This forces clients to use a HOST connection parameter or HOST protocol option when connecting to the database server. This also causes the database server to be unlisted when using dblocate.
Using -sb 1 causes the database server to not respond to broadcasts from dblocate, but still starts UDP listeners.
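The check below is an added example, not part of the original article or of the product: it classifies a database server start line by its `-sb` setting and checks whether a client connection string already carries the HOST value that `-sb 0` makes necessary. The executable name `dbsrv`, the server and host names, and the function names are constructed for illustration; case-insensitive matching of HOST is an assumption.

```python
import shlex

# Broadcast behaviour per -sb setting, as described in the article.
STATES = {
    None: ("exposed", "UDP broadcast listeners started; server answers dblocate"),
    "1": ("partial", "UDP listeners still started; dblocate broadcasts not answered"),
    "0": ("hardened", "no UDP broadcast listeners; clients must specify HOST"),
}

def audit_start_line(cmdline):
    """Return 'exposed', 'partial' or 'hardened' for a server start line."""
    # posix=False keeps Windows backslashes and quoted paths intact.
    tokens = shlex.split(cmdline, posix=False)
    value = None
    for i, tok in enumerate(tokens):
        if tok == "-sb":
            if i + 1 >= len(tokens):
                raise ValueError("-sb given without a value")
            value = tokens[i + 1]
    if value not in STATES:
        raise ValueError(f"unexpected -sb value: {value!r}")
    return STATES[value][0]

def client_has_host(conn_str):
    """True if the connection string names a HOST (parameter or protocol option)."""
    for part in conn_str.split(";"):
        key, _, val = part.partition("=")
        if key.strip().lower() == "host" or "host=" in val.lower():
            return True
    return False

# Constructed sample inputs (not taken from a real Cabi installation).
SAMPLE_START_LINES = [
    r'"C:\demo\dbsrv.exe" -n demo_srv demo.db',
    r'"C:\demo\dbsrv.exe" -n demo_srv -sb 1 demo.db',
    r'"C:\demo\dbsrv.exe" -n demo_srv -sb 0 demo.db',
]
SAMPLE_CLIENTS = [
    "ServerName=demo_srv;UID=report_user",
    "ServerName=demo_srv;UID=report_user;HOST=dbhost.example:2638",
    "ServerName=demo_srv;UID=report_user;LINKS=tcpip(HOST=dbhost.example)",
]

if __name__ == "__main__":
    for line in SAMPLE_START_LINES:
        print(audit_start_line(line), "<-", line)
    for conn in SAMPLE_CLIENTS:
        print("HOST present" if client_has_host(conn) else "will fail after -sb 0", "<-", conn)
```

Run the client check before switching the server to `-sb 0`, since any client that relied on broadcast discovery will no longer find the server.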
The solution is implemented using the following steps:
Risk factor: Medium / CVSS Base Score: 5.0