ID CVE-2008-1880
Summary The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password.
References
Vulnerable Configurations
  • Gentoo Linux
    cpe:2.3:o:gentoo:linux
  • cpe:2.3:a:firebird:firebird:2.0.3.12981.0
    cpe:2.3:a:firebird:firebird:2.0.3.12981.0
  • cpe:2.3:a:firebird:firebird:2.0.3.12981.0:r5
    cpe:2.3:a:firebird:firebird:2.0.3.12981.0:r5
CVSS
Base: 5.0 (as of 12-05-2008 - 13:17)
Impact:
Exploitability:
CWE CWE-255
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL NONE NONE
nessus via4
  • NASL family Databases
    NASL id FIREBIRD_ISC_PASSWORD_SET.NASL
    description The version of Firebird on the remote host sets the 'ISC_PASSWORD' environment variable before starting the database server and uses that for remote client connections when a password is not supplied. An attacker can leverage this issue to connect as 'SYSDBA' with an empty password and gain access to any database on the affected host except for 'security2.fdb', which holds the database user credentials.
    last seen 2019-02-21
    modified 2018-11-15
    plugin id 32316
    published 2008-05-14
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32316
    title Firebird on Gentoo Linux /etc/conf.d/firebird Invocation ISC_PASSWORD Authentication Bypass
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200805-06.NASL
    description The remote host is affected by the vulnerability described in GLSA-200805-06 (Firebird: Data disclosure) Viesturs reported that the default configuration for Gentoo's init script ('/etc/conf.d/firebird') sets the 'ISC_PASSWORD' environment variable when starting Firebird. It will be used when no password is supplied by a client connecting as the 'SYSDBA' user. Impact : A remote attacker can authenticate as the 'SYSDBA' user without providing the credentials, resulting in complete disclosure of all databases except for the user and password database (security2.fdb). Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-08-10
    plugin id 32208
    published 2008-05-11
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=32208
    title GLSA-200805-06 : Firebird: Data disclosure
refmap via4
bid 29123
confirm http://bugs.gentoo.org/show_bug.cgi?id=216158
gentoo GLSA-200805-06
secunia 30162
xf firebird-sysdba-unath-access(42299)
Last major update 05-09-2008 - 17:38
Published 12-05-2008 - 12:20
Last modified 07-08-2017 - 21:30
Back to Top