Detections
Analytics

Firebird SQL Server for Linux 2.5.x < 2.5.7 / 3.0.x < 3.0.2 UDF Libraries RCE

high Nessus Plugin ID 99132

Language:

Synopsis

A database server installed on the remote host is affected by a remote code execution vulnerability.

Description

The version of Firebird SQL Server for Linux installed on the remote host is 2.5.x prior to 2.5.7 or 3.0.x prior to 3.0.2. It is, therefore, affected by a flaw in the UDF component due to insufficient restrictions on access to external functions by the symbols of the UDF library. An authenticated, remote attacker can exploit this issue, via a 'system' entry point from fbudf.so, to execute arbitrary code in the context of the Firebird server process.

Solution

Upgrade to Firebird SQL Server version 2.5.7 / 3.0.2 or later.

See Also

http://tracker.firebirdsql.org/browse/CORE-5474

http://www.nessus.org/u?ad85ce8e

http://www.nessus.org/u?b4ea4669

http://www.nessus.org/u?58e79841

Plugin Details

Severity: High

ID: 99132

File Name: firebird_CVE-2017-6369.nasl

Version: 1.5

Type: local

Family: General

Published: 3/31/2017

Updated: 7/12/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 8.8

Temporal Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:firebirdsql:firebird

Required KB Items: installed_sw/Firebird SQL Server

Exploit Ease: No known exploits are available

Patch Publication Date: 2/17/2017

Vulnerability Publication Date: 2/1/2017

Reference Information

CVE: CVE-2017-6369

BID: 97070

IAVB: 2017-B-0039