[pkg-firebird-general] Bug#432753: Old 1.5 security issues question

Damyan Ivanov dam at modsoftsys.com
Tue Aug 14 20:33:07 UTC 2007


Dear Firebird developers,

I've got a bug report for the Debian packages for Firebird 1.5 that I
can't handle myself. I would be grateful for some insights.

http://bugs.debian.org/432753

There is some uncertainty about four CVE issues with regard to their
presence in Firebird 1.5.3.

Two of these
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7213
    CVE-2006-7213
    Firebird 1.5 allows remote authenticated users without SYSDBA and
    owner permissions to overwrite a database by creating a database.
and
    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7211
    CVE-2006-7211
    fb_lock_mgr in Firebird 1.5 uses weak permissions (0666) for the
    semaphore array, which allows local users to cause a denial of
    service (blocked query processing) by locking semaphores.
are unreproducible with Debian packages and thus are not that interesting.

The other two, however, are rather unclear as to how to reproduce or
whether they are fixed in 1.5.3 (or 1.5.4), so I'd appreciate your comments:

    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7214
    CVE-2006-7214
    Multiple unspecified vulnerabilities in Firebird 1.5 allow remote
    attackers to (1) cause a denial of service (application crash) by
    sending many remote protocol versions; and (2) cause a denial of
    service (connection drop) via certain network traffic, as
    demonstrated by Nessus vulnerability scanning.

    http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7212
    CVE-2006-7212
    Multiple buffer overflows in Firebird 1.5, one of which affects
    WNET, have unknown impact and attack vectors. NOTE: this issue might
    overlap CVE-2006-1240.

As far as I can tell, the existence of the issues is deduced from
Firebird 2.0 release notes, which are not very clear about what exactly
the problem is and how to reproduce it.

Your comments are much appreciated. Please carbon-copy
432753 at bugs.debian.org in your replies.
-- 
dam                   JabberID: dam at jabber.minus273.org
