This script is Copyright (C) 2017 Tenable Network Security, Inc.
A database server installed on the remote host is affected by a remote
code execution vulnerability.
The version of Firebird SQL Server for Linux installed on the remote
host is 2.5.x prior to 2.5.7 or 3.0.x prior to 3.0.2. It is, therefore,
affected by a flaw in the UDF component due to insufficient restrictions
on access to external functions by the symbols of the UDF library. An
authenticated, remote attacker can exploit this issue, via a 'system'
entry point from fbudf.so, to execute arbitrary code in the context of
the Firebird server process.
See also :
Upgrade to Firebird SQL Server version 2.5.7 / 3.0.2 or later.
Risk factor :
Medium / CVSS Base Score : 6.5
CVSS Temporal Score : 5.4
Public Exploit Available : true