CVE-2007-4992 – Firebird process_packet() Remote Stack Overflow Vulnerability

https://notcve.org/view.php?id=CVE-2007-4992

Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050. Desbordamiento de búfer basado en pila en la función process_packet de fbserver.exe en Firebird SQL 2.0.2 permite a atacantes remotos ejecutar código de su elección mediante una petición larga al puerto TCP 3050. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firebird SQL server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the database service fbserver.exe, which binds to TCP port 3050. When processing an overly long request, a stack buffer can be overflowed through a vulnerable call to sprintf() within the function process_packet(). • http://bugs.gentoo.org/show_bug.cgi?id=195569 http://secunia.com/advisories/27982 http://security.gentoo.org/glsa/glsa-200712-06.xml http://securitytracker.com/id?1018802 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.3-ReleaseNotes.pdf http://www.securityfocus.com/archive/1/482025/100/0/threaded http://www.securityfocus.com/bid/26011 http://www.zerodayinitiative.com/advisories/ZDI-07-057.html https://exchange.xforce.ibmcloud.com/vulnerabilities/37079 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •