ISS X-Force Database: firebird-username-bo(39981): Firebird username buffer overflow

Firebird username buffer overflow

firebird-username-bo (39981)

High Risk

Description:

Firebird is vulnerable to a stack-based buffer overflow, caused by improper bounds checking while processing usernames. By sending an overly long username, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.

Platforms Affected:

FirebirdSQL, Firebird 1.0.3
FirebirdSQL, Firebird 1.5.4
FirebirdSQL, Firebird 2.0.0
FirebirdSQL, Firebird 2.0.1
FirebirdSQL, Firebird 2.0.2
FirebirdSQL, Firebird 2.0.3
FirebirdSQL, Firebird 2.1_alpha
FirebirdSQL, Firebird 2.1_beta
FirebirdSQL, Firebird 2.1_beta2
Gentoo, Linux

Remedy:

Upgrade to the latest version of Firebird (2.1 RC1 or later), available from SourceForge.net:Files. See References.

Consequences:

Gain Access

References:

Firebird Web site, Firebird at http://www.firebirdsql.org/.
SourceForge.net: Files, Firebird Release Name: 2.1 RC1 at http://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800.
BID-27467: Firebird Username Remote Buffer Overflow Vulnerability
CVE-2008-0467: Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.
DSA-1529: firebird -- multiple vulnerabilities
GLSA-200803-02: Firebird: Multiple vulnerabilities
SA28596: Firebird Multiple Vulnerabilities
SA29501: Debian firebird2 Multiple Vulnerabilities
SECTRACK ID: 1019277: Firebird Buffer Overflow in Processing 'username' Lets Remote Users Execute Arbitrary Code
VUPEN/ADV-2008-0300: Firebird Data Handling Multiple Remote Code Execution Vulnerabilities

Reported:

Jan 28, 2008

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page