Firebird *connect* Request Handling Buffer Overflow Vulnerability

Posted on Tuesday, June 12, 2007 @ 16:57:18 PDT in Security
by Raven

SECUNIA ADVISORY ID: SA25601

VERIFY ADVISORY: http://secunia.com/advisories/25601/

CRITICAL: Moderately critical

IMPACT: System access

WHERE: >From local network

SOFTWARE: Firebird 2.x - http://secunia.com/product/11516/

DESCRIPTION: Cody Pierce has reported a vulnerability in Firebird, which can be exploited by malicious people to compromise a vulnerable system.

The vulnerability is caused due to an error within the handling of "connect" requests (0x1) with a large "p_cnct_count" value. This can be exploited to cause a buffer overflow by sending a specially crafted connect request to a vulnerable server (default port 3050/TCP). The vulnerability is reported in Firebird 2. Other versions may also be affected.

SOLUTION: Update to version 2.0.1.

PROVIDED AND/OR DISCOVERED BY: Cody Pierce, TippingPoint DVLabs

ORIGINAL ADVISORY: http://dvlabs.tippingpoint.com/advisory/TPTI-07-11

OTHER REFERENCES: http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf
 
 
click Related        click Share
 
News ©

Site Info v2.2.2

Last SeenLast Seen
Server TrafficServer Traffic
  • Total: 361,601,078
  • Today: 15,435
Server InfoServer Info
  • Jul 16, 2018
  • 03:52 am PDT
 
 

Daily Inspiration