Name:
Firebird.Database.Username.Buffer.Overflow
Released Date:
Feb 18 2008
Severity:
critical
CVE:
2008-0467
Bugtraq:
27467

FortiGuard Center > Vulnerability Encyclopedia


In-Depth Analysis

Description
This indicates an attempt to exploit a buffer overflow vulnerability in FireBird.

The FireBird SQL application contains a stack based buffer overflow vulnerability that is triggered when processing an overly long username. Successful exploition could make it possible for an attacker to execute arbitrary code on a vulnerable system.
 
Impact
System Compromise: remote attackers can gain control of vulnerable systems.
 
Affected Products
Firebird 1.x
Firebird 2.x
Aliases
Firebird.Database.Username.Buffer.Overflow
Firebird.Username.Buffer.Overflow
References
http://www.securityfocus.com/bid/27467
http://www.frsirt.com/english/advisories/2008/0300
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2008-0467
http://secunia.com/advisories/28596/
Recommended Actions
Upgrade to Firebird 2.1.0 RC1

 
 
SITE MAP  |  LEGAL NOTICES

      © 2003 FORTINET INC. ALL RIGHTS RESERVED