Fix Available: Yes Exploit Included: Yes Vendor Confirmed: Yes
Version(s): prior to 2.0.3.12981
Description: Several vulnerabilities were reported in Firebird. A remote user can execute arbitrary code on the target system.
A remote user can send specially crafted attach, create, or service attach requests to trigger a buffer overflow and execute arbitrary code on the target system. The code will run with the privileges of the target service.
The following functions are affected:
INET_connect
SVC_attach
isc_attach_database
isc_create_database
Adriano Lima and Ramon de Carvalho Valle of RISE Security reported these vulnerabilities.
The original advisory is available at:
http://risesecurity.org/advisory/RISE-2007003/
Impact: A remote user can execute arbitrary code on the target system.
Solution: The vendor has issued a fixed version (2.0.3.12981).
The INET_connect and SVC_attach vulnerabilities were corrected in 2.0.0.12748.
Vendor URL: www.firebirdsql.org/
Cause: Boundary error
Underlying OS: Linux (Any), UNIX (Any)
Reported By: RISE Security <advisories@risesecurity.org>
Message History: None.
Source Message Contents
Date: Wed, 03 Oct 2007 23:59:34 -0300
From: RISE Security <advisories@risesecurity.org>
Subject: [RISE-2007003] Firebird Relational Database Multiple Buffer Overflow
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Firebird Relational Database Multiple Buffer Overflow Vulnerabilities
http://risesecurity.org/advisory/RISE-2007003/
Published: October 3, 2007
Updated: October 3, 2007
INTRODUCTION
There exist multiple vulnerabilities within functions of Firebird Relational
Database, which when properly exploited can lead to remote compromise of the
vulnerable system.
These vulnerabilities were confirmed by us in the following versions of
Firebird Relational Database; other versions may also be affected.
Firebird WI-V2.0.1.12855
Firebird WI-V2.0.0.12748
Firebird WI-V1.5.4.4910
Firebird WI-V1.5.3.4870
Firebird LI-V2.0.1.12855
Firebird LI-V2.0.0.12748
Firebird LI-V1.5.4.4910
Firebird LI-V1.5.3.4870
DETAILS
The vulnerable functions do not validate user supplied data when copying it
to a stack-based buffer, resulting in a stack-based buffer overflow. The
exploitation of these vulnerabilities is trivial and results in remote
compromise of the vulnerable system.
This is the list of vulnerable functions; some of them contain more than one
stack-based buffer overflow vulnerability.
1. INET_connect (Firebird 1.5)
2. SVC_attach (Firebird 1.5)
3. isc_attach_database (Firebird 2.0)
4. isc_create_database (Firebird 2.0)
These vulnerabilities can be triggered by sending specially crafted attach,
create and service attach requests.
Proof of concept codes for these vulnerabilities can be downloaded from our
website http://risesecurity.org/.
VENDOR
The vulnerabilities 1 and 2 were corrected in Firebird XX-V2.0.0.12748, 3 and
4 were corrected in Firebird XX-V2.0.3.12981.
CREDITS
These vulnerabilities were discovered by Adriano Lima
<adriano@risesecurity.org> and Ramon de Carvalho Valle
<ramon@risesecurity.org>.
DISCLAIMER
The authors reserve the right not to be responsible for the topicality,
correctness, completeness or quality of the information provided in this
document. Liability claims regarding damage caused by the use of any
information provided, including any kind of information which is incomplete
or incorrect, will therefore be rejected.
APPENDIX
Proof of concept codes for these vulnerabilities can be downloaded from our
website http://risesecurity.org/.
$Id: RISE-2007003.txt 10 2007-10-04 00:58:59Z ramon $
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
iD8DBQFHBFcWhFjK78TGSUERApYoAJ4yaoWo7aunx5WYz64IfGgxoWiKRwCfUnOW
A0bgGMII9z8uFrktgk0SSds=
=jnE+
-----END PGP SIGNATURE-----
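The fixed builds named in the advisory's VENDOR section can be turned into an inventory check. The Python below is an added example, not part of the RISE advisory or of Firebird; the banner layout it parses (two-letter platform code, a build-type letter, then major.minor.revision.build) is an assumption inferred from the version strings listed above, and the host names are constructed placeholders.

```python
import re

# Builds in which each function was corrected, per the advisory's VENDOR section.
FIXED_IN = {
    "INET_connect": (2, 0, 0, 12748),
    "SVC_attach": (2, 0, 0, 12748),
    "isc_attach_database": (2, 0, 3, 12981),
    "isc_create_database": (2, 0, 3, 12981),
}

# Assumed banner layout, inferred from strings such as "LI-V2.0.1.12855":
# platform code, "-", build-type letter, major.minor.revision.build.
VERSION_RE = re.compile(r"\b([A-Z]{2})-[A-Z](\d+)\.(\d+)\.(\d+)\.(\d+)\b")

def parse_version(banner):
    """Return (platform, (major, minor, revision, build)) from a version banner."""
    m = VERSION_RE.search(banner)
    if m is None:
        raise ValueError(f"unrecognised Firebird version string: {banner!r}")
    return m.group(1), tuple(int(n) for n in m.groups()[1:])

def unfixed_functions(banner):
    # Conservative: any build below the fixed one is flagged, matching the
    # summary's "prior to 2.0.3.12981", although items 3 and 4 are labelled 2.0.
    _, version = parse_version(banner)
    return sorted(name for name, fixed in FIXED_IN.items() if version < fixed)

def triage(inventory):
    """Map host -> unfixed functions; None marks a banner needing manual review."""
    report = {}
    for host, banner in inventory.items():
        try:
            report[host] = unfixed_functions(banner)
        except ValueError:
            report[host] = None  # never treat an unparsed banner as patched
    return report

# Constructed inventory: placeholder hosts, version numbers taken from the page.
SAMPLE_INVENTORY = {
    "db-legacy.example": "Firebird LI-V1.5.4.4910",
    "db-win.example": "Firebird WI-V2.0.1.12855",
    "db-patched.example": "Firebird LI-V2.0.3.12981",
    "db-unknown.example": "connection refused",
}

if __name__ == "__main__":
    for host, result in triage(SAMPLE_INVENTORY).items():
        print(host, "->", "manual review" if result is None else result or "fixed")
```

Build 2.0.0.12748 appears both in the advisory's confirmed-vulnerable list and as the fix for items 1 and 2, so the check reports only items 3 and 4 for it.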