(CR #415512) EAServer Manager allows users to view connection caches in a dialog box that have passwords. Normally, these passwords cannot be seen. However, due to a security issue, users with guest permission to EAServer Manager can view the password, that can be used to gain unauthorized access to a protected database. EAServer 5.3 and products that embed them, are affected by this issue.
To address the security risk using EAServer or products that embed EAServer 5.3, download EBF 13190 and apply it to your EAServer 5.3 on Solaris installation. You can download this EBF from Sybase Web site and select Downloads | EBFs/Maintenance.
For more information about this security issue, see the Sybase Techincal Documents Urgent Notice.
