Environment
Novell ZENworks 10 Configuration Management with Support Pack 1 - 10.1 Database
Situation
A security scanner (Nessus®) report has flagged a vulnerability in the ZCM10 Sybase database. The ZENworks Embedded Datastore server internally uses a Sybase Adaptive Server Anywhere database. The server is configured to listen for client connection broadcasts, which allows an attacker to see the name and port that the Sybase Adaptive Server Anywhere server is running on.
Resolution
As per the Nessus® report, the issue can be resolved by configuring the Sybase ASA service (Novell ZENworks Embedded Datastore) with the command line switch '-sb' to turn off broadcast listening.
Additional Information
The internal Sybase database has a configuration file, 'zenworks_database.conf', located in the <ZENworks_Home_Directory>\conf directory. This file stores a number of settings. The ones present by default are -gk, -x and -c. To resolve the vulnerability, insert the following line anywhere before the final line:
-sb 1
Restarting the ZENworks Embedded Database service after this change resolves the vulnerability. A Nessus scan run after updating the configuration no longer lists the vulnerability.
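The edit described above can be scripted so that it is repeatable across servers and safe to run twice. The following is an added example, not Novell's code: the function name `harden_conf` and the sample file contents (option values and database path) are constructed for illustration.

```python
import re
import sys

SB_OPTION = "-sb 1"  # the line this article says to add
# Matches -sb as a whole token, with an optional value after it.
SB_RE = re.compile(r"(?:^|\s)-sb(?=\s|$)(?:\s+(\S+))?")

# Constructed sample of zenworks_database.conf; values and path are assumptions.
SAMPLE = (
    "-gk all\n"
    "-x tcpip(ServerPort=2638)\n"
    "-c 64m\n"
    "C:\\zenworks\\database\\zenworks_zone.db\n"
)

def harden_conf(text):
    """Return (new_text, status) for the contents of zenworks_database.conf.

    status is "present" (-sb 1 already set), "review" (-sb set to another
    value, left untouched), "empty" (nothing to edit) or "added".
    """
    newline = "\r\n" if "\r\n" in text else "\n"
    lines = text.splitlines()
    for line in lines:
        if line.lstrip().startswith("#"):  # SQL Anywhere config comment line
            continue
        match = SB_RE.search(line)
        if match:
            return text, "present" if match.group(1) == "1" else "review"
    non_blank = [i for i, line in enumerate(lines) if line.strip()]
    if not non_blank:
        return text, "empty"
    # Insert before the final non-blank line, as the article instructs.
    lines.insert(non_blank[-1], SB_OPTION)
    end = newline if text.endswith(("\n", "\r")) else ""
    return newline.join(lines) + end, "added"

if __name__ == "__main__":
    # Usage: python harden_conf.py <ZENworks_Home_Directory>\conf\zenworks_database.conf
    path = sys.argv[1]
    with open(path, newline="") as fh:
        original = fh.read()
    updated, status = harden_conf(original)
    if status == "added":
        with open(path, "w", newline="") as fh:
            fh.write(updated)
    print(status)  # restart the ZENworks Embedded Database service after "added"
```

A status of "review" means the file already carries an -sb option with a different value; the script leaves it unchanged so it can be checked by hand.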