Firebird DataBase Server fbserver.exe p_cnct_count Value Remote Overflow

Nessus Plugin ID 25492 (Critical)

Synopsis

The remote database server allows execution of arbitrary code.

Description

The version of Firebird installed on the remote host is vulnerable to a buffer overflow in its protocol handling routine. By sending a specially crafted 'op_connect' request, a remote, unauthenticated attacker can execute code on the affected host with SYSTEM privileges.

Solution

Upgrade to Firebird 2.0.1 or later.

See Also

http://dvlabs.tippingpoint.com/advisory/TPTI-07-11

http://www.nessus.org/u?1cb912c4

Plugin Details

Severity: Critical

ID: 25492

File Name: firebird_overflow.nasl

Version: 1.17

Type: remote

Family: Databases

Published: 6/13/2007

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 7.8

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/a:firebirdsql:firebird

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 6/11/2007

Reference Information

CVE: CVE-2007-3181

BID: 24436