CVE-2013-2492 – Firebird - Relational Database CNCT Group Number Buffer Overflow
https://notcve.org/view.php?id=CVE-2013-2492
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information. Desbordamiento de búfer basado en pila en Firebird v2.1.3 hasta v2.1.5 anterior a 18514, y v2.5.1 hasta v2.5.3 anterior a 26623, en Windows permite a atacantes remotos ejecutar código arbitrario a través de paquetes manipulados por el puerto TCP 3050, en relación con una comprobación de tamaño perdido durante la extracción de un número de grupo de información CNCT. • https://www.exploit-db.com/exploits/41709 http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00036.html http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00039.html http://tracker.firebirdsql.org/browse/CORE-4058 http://www.debian.org/security/2013/dsa-2647 http://www.debian.org/security/2013/dsa-2648 http://www.securityfocus.com/bid/58393 https://gist.github.com/zeroSteiner/85daef257831d904479c https://github.com/rapid7/metasploit-framework/blob/master/modules/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-5529
https://notcve.org/view.php?id=CVE-2012-5529
TraceManager in Firebird 2.5.0 and 2.5.1, when trace is enabled, allows remote authenticated users to cause a denial of service (NULL pointer dereference and crash) by preparing an empty dynamic SQL query. TraceManager en Firebird v2.5.0 y v2.5.1, cuando el rastreo está habilitado, permite a usuarios remotos autenticados provocar una denegación de servicio (desreferencia puntero NULL y caída) mediante la preparación de una consulta vacía SQL dinámica. • http://tracker.firebirdsql.org/browse/CORE-3884 http://www.debian.org/security/2013/dsa-2648 http://www.openwall.com/lists/oss-security/2012/11/14/6 http://www.openwall.com/lists/oss-security/2012/11/14/8 http://www.securityfocus.com/bid/56521 http://www.securitytracker.com/id?1027769 https://exchange.xforce.ibmcloud.com/vulnerabilities/80073 • CWE-399: Resource Management Errors •
CVE-2009-2620 – Firebird SQL - op_connect_request main listener shutdown
https://notcve.org/view.php?id=CVE-2009-2620
src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference. src/remote/server.cpp en fbserver.exe en Firebird SQL v1.5 anterior a v1.5.6, v2.0 anterior a v2.0.6, v2.1 anterior a v2.1.3, y v2.5 anterior a v2.5 Beta 2, permite a atacantes remotos provocar una denegación de servicio (caída de demonio) a través de un mensaje op_connect_request mal formado que provoca un bucle infinito o una deferencia a puntero NULL. • https://www.exploit-db.com/exploits/9295 http://tracker.firebirdsql.org/browse/CORE-2563 http://www.coresecurity.com/content/firebird-sql-dos http://www.exploit-db.com/exploits/9295 http://www.securityfocus.com/bid/35842 https://bugzilla.redhat.com/show_bug.cgi?id=514463 https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01341.html https://www.redhat.com/archives/fedora-package-announce/2009-August/msg01370.html • CWE-20: Improper Input Validation •
CVE-2008-0467
https://notcve.org/view.php?id=CVE-2008-0467
Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username. Un desbordamiento de búfer en la región stack de la memoria en Firebird versiones anteriores a 2.0.4 y versiones 2.1.x anteriores a 2.1.0 RC1, podría permitir a atacantes remotos ejecutar código arbitrario por medio de un nombre de usuario largo. • http://secunia.com/advisories/28596 http://secunia.com/advisories/29203 http://secunia.com/advisories/29501 http://security.gentoo.org/glsa/glsa-200803-02.xml http://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800 http://sourceforge.net/project/shownotes.php?release_id=570816&group_id=9028 http://tracker.firebirdsql.org/browse/CORE-1603 http://www.debian.org/security/2008/dsa-1529 http://www.securityfocus.com/bid/27467 http://www.securitytracker.com/id?10192 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-0387 – Firebird 2.0.3 Relational Database - 'protocol.cpp' XDR Protocol Remote Memory Corruption
https://notcve.org/view.php?id=CVE-2008-0387
Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption. Desbordamiento de entero en Firebird SQL 1.0.3 y versiones anteriores, 1.5.x versiones anteriores a 1.5.6, 2.0.x versiones anteriores a 2.0.4, y 2.1.x versiones anteriores a 2.1.0 RC1, podría permitir a atacantes remotos ejecutar código de su elección mediante peticiones manipuladas (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, y (6) op_start_send_and_receive XDR, que disparan corrupción de memoria. • https://www.exploit-db.com/exploits/31050 http://secunia.com/advisories/29203 http://secunia.com/advisories/29501 http://security.gentoo.org/glsa/glsa-200803-02.xml http://securityreason.com/securityalert/3580 http://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800 http://tracker.firebirdsql.org/browse/CORE-1681 http://www.coresecurity.com/?action=item&id=2095 http://www.debian.org/security/2008/dsa-1529 http://www.securityfocus.com/archive/1/487173/100 • CWE-189: Numeric Errors •