[pkg-firebird-general] Bug#432753: [Firebird-devel] Old 1.5 security issues question
Adriano dos Santos Fernandes
adrianosf at uol.com.br
Wed Aug 15 10:31:48 UTC 2007
Damyan Ivanov escreveu:
> Dear Firebird developers,
>
> I've got a bug report for the debian packages for firebrid 1.5 that I
> can't handle myself. I would be grateful for some insights.
>
> http://bugs.debian.org/432753
>
> There is some uncertainty about four CVE issues with regard of their
> presence in Firebird 1.5.3.
>
> Two of these
> http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-7213
> CVE-2006-7213
> Firebird 1.5 allows remote authenticated users without SYSDBA and
> owner permissions to overwrite a database by creating a database.
>
SF #1155520 - Any user can replace databases created by others
Adriano
More information about the pkg-firebird-general
mailing list