[Secure-testing-team] Bug#858644: CVE-2017-6369: authenticated remote execution in firebird 2.5 before version 3.0.2
Damyan Ivanov
dmn at debian.org
Fri Mar 24 19:22:53 UTC 2017
Package: firebird3.0-server-core
Version: 3.0.1.32609.ds4-13
Severity: grave
Tags: patch upstream security
Justification: user security hole
Forwarded: http://tracker.firebirdsql.org/browse/CORE-5474
Authenticated Firebird users are allowed to declare UDFs (user-defined
functions). The default config allows using all entry points from the standard
UDF library, which is dynamically linked with libc, with its symbols
re-exported, including system().
Relevant upstream commits for 3.0:
- https://github.com/FirebirdSQL/firebird/commit/8b2a9cb44bf6055e15f016d70a6842b8ada60375
More information about the Secure-testing-team
mailing list