[pkg-firebird-general] Bug#441405: Several Firebird vulnerabilities discovered
Thijs Kinkhorst
thijs at debian.org
Sun Sep 9 14:08:29 UTC 2007
Package: firebird2.0
Severity: grave
Tags: security
Hi,
Several new vulnerabilities have been discovered and fixed in Firebird. The
following are reported:
CVE-2007-3527: Integer overflow in Firebird 2.0.0 allows remote authenticated
users to cause a denial of service (CPU consumption) via certain database
operations with multi-byte character sets that trigger an attempt to use the
value 65536 for a 16-bit integer, which is treated as 0 and causes an
infinite loop on zero-length data.
CVE-2007-4664: Unspecified vulnerability in the (1) attach database and (2)
create database functionality in Firebird before 2.0.2, when a filename
exceeds MAX_PATH_LEN, has unknown impact and attack vectors, aka CORE-1405.
CVE-2007-4665: Unspecified vulnerability in the server in Firebird before
2.0.2 allows remote attackers to cause a denial of service (daemon crash) via
an XNET session that makes multiple simultaneous requests to register events,
aka CORE-1403.
CVE-2007-4666: Unspecified vulnerability in the server in Firebird before
2.0.2, when a Superserver/TCP/IP environment is configured, allows remote
attackers to cause a denial of service (CPU and memory consumption)
via "large network packets with garbage", aka CORE-1397.
CVE-2007-4667: Unspecified vulnerability in the Services API in Firebird
before 2.0.2 allows remote attackers to cause a denial of service, aka
CORE-1149.
CVE-2007-4668: Unspecified vulnerability in the server in Firebird before
2.0.2 allows remote attackers to determine the existence of arbitrary files,
and possibly obtain other "file access," via unknown vectors, aka CORE-1312.
CVE-2007-4669: The Services API in Firebird before 2.0.2 allows remote
authenticated users without SYSDBA privileges to read the server log
(firebird.log), aka CORE-1148.
Please see:
http://security-tracker.debian.net/tracker/source-package/firebird2.0
http://security-tracker.debian.net/tracker/source-package/firebird2
http://security-tracker.debian.net/tracker/source-package/firebird1.5
and the links from there, for detailed information on these issues.
As I see it, these are all or mostly all fixed upstream. For unstable, you
could therefore probably suffice with uploading this new upstream release.
Please mention any CVE id's when fixing these issues.
For sarge and etch, it needs to be verified which ones apply and how they can
be fixed.
thanks
Thijs
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 481 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-firebird-general/attachments/20070909/b2c3b7e3/attachment.pgp
More information about the pkg-firebird-general
mailing list