ID CVE-2007-3181
Summary Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll."
References
Vulnerable Configurations
  • cpe:2.3:a:bakbone:netvault:6.x
    cpe:2.3:a:bakbone:netvault:6.x
  • Firebird Firebird 2.0.0
    cpe:2.3:a:firebirdsql:firebird:2.0.0
CVSS
Base: 10.0 (as of 13-06-2007 - 17:47)
Impact:
Exploitability:
Access
Vector NETWORK
Complexity LOW
Authentication NONE
Impact
Confidentiality COMPLETE
Integrity COMPLETE
Availability COMPLETE
exploit-db via4
description Firebird SQL Fbserver 2.0 Remote Buffer Overflow Vulnerability. CVE-2007-3181. Remote exploit for linux platform
id EDB-ID:30186
last seen 2016-02-03
modified 2007-06-12
published 2007-06-12
reporter Cody Pierce
source https://www.exploit-db.com/download/30186/
title Firebird SQL Fbserver 2.0 - Remote Buffer Overflow Vulnerability
nessus via4
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1529.NASL
    description Multiple security problems have been discovered in the Firebird database, which may lead to the execution of arbitrary code or denial of service. This Debian security advisory is a bit unusual. While it's normally our strict policy to backport security bugfixes to older releases, this turned out to be infeasible for Firebird 1.5 due to large infrastructural changes necessary to fix these issues. As a consequence security support for Firebird 1.5 is hereby discontinued.
    last seen 2019-02-21
    modified 2016-12-06
    plugin id 38955
    published 2008-03-28
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=38955
    title Debian DSA-1529-1 : firebird -- multiple vulnerabilities
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200707-01.NASL
    description The remote host is affected by the vulnerability described in GLSA-200707-01 (Firebird: Buffer overflow) Cody Pierce from TippingPoint DVLabs has discovered a buffer overflow when processing 'connect' requests with an overly large 'p_cnct_count' value. Impact : An unauthenticated remote attacker could send a specially crafted request to a vulnerable server, possibly resulting in the execution of arbitrary code with the privileges of the user running Firebird. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 25641
    published 2007-07-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25641
    title GLSA-200707-01 : Firebird: Buffer overflow
  • NASL family Databases
    NASL id FIREBIRD_OVERFLOW.NASL
    description The version of Firebird installed on the remote host is vulnerable to a buffer overflow in its protocol handling routine. By sending a specially crafted 'op_connect' request, a remote, unauthenticated attacker can execute code on the affected host with SYSTEM privileges.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 25492
    published 2007-06-13
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25492
    title Firebird DataBase Server fbserver.exe p_cnct_count Value Remote Overflow
refmap via4
bid 24436
confirm http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf
debian DSA-1529
gentoo GLSA-200707-01
misc http://dvlabs.tippingpoint.com/advisory/TPTI-07-11
osvdb 37231
secunia
  • 25601
  • 25872
  • 29501
vupen ADV-2007-2149
xf firebird-fbserver-bo(34833)
Last major update 30-10-2012 - 22:37
Published 12-06-2007 - 19:30
Last modified 28-07-2017 - 21:32