CVE-2006-7214
https://notcve.org/view.php?id=CVE-2006-7214
Multiple unspecified vulnerabilities in Firebird 1.5 allow remote attackers to (1) cause a denial of service (application crash) by sending many remote protocol versions; and (2) cause a denial of service (connection drop) via certain network traffic, as demonstrated by Nessus vulnerability scanning. Múltiples vulnerabilidades no especificadas en Firebird 1.5 permiten a atacantes remotos (1) provocar una denegación de servicio (caída de la aplicación) enviando muchas versiones de protocolo remoto; y (2) provocar una denegación de servicio (caída de la conexión) mediante determinado tráfico de red, como se ha demostrado con un escaneo de vulnerabilidades con Nessus. • http://secunia.com/advisories/29501 http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf http://www.securityfocus.com/bid/28474 •
CVE-2007-3181 – Firebird SQL Fbserver 2.0 - Remote Buffer Overflow
https://notcve.org/view.php?id=CVE-2007-3181
Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll." Desbordamiento de búfer en fbserver.exe de Firebird SQL 2 before 2.0.1 permite a atacantes remotos ejecutar código de su elección mediante un valor p_cnct_count grande en una estructura p_cnct structure en una petición de conexión (0x01) al puerto 3050/tcp, relacionado con "una versión InterBase de gds32.dll". • https://www.exploit-db.com/exploits/30186 http://dvlabs.tippingpoint.com/advisory/TPTI-07-11 http://osvdb.org/37231 http://secunia.com/advisories/25601 http://secunia.com/advisories/25872 http://secunia.com/advisories/29501 http://security.gentoo.org/glsa/glsa-200707-01.xml http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf http://www.securityfocus.com/bid/24436 http://www.vupen.com/english/advisories/2007 •
CVE-2006-1240 – Firebird 1.5 - Inet_Server Local Buffer Overflow
https://notcve.org/view.php?id=CVE-2006-1240
Buffer overflow in inet_server.cpp in (1) fb_inet_server and (2) fbserver in Firebird 1.5.2.4731 allows local users to gain privileges via a long value of the -p argument. • https://www.exploit-db.com/exploits/27418 http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043546.html http://www.securityfocus.com/archive/1/427480/100/0/threaded http://www.securityfocus.com/bid/17077 https://exchange.xforce.ibmcloud.com/vulnerabilities/25282 •
CVE-2006-1241
https://notcve.org/view.php?id=CVE-2006-1241
Firebird 1.5.2.4731 installs (1) fb_lock_mgr, (2) gds_drop, and (3) fb_inet_server with setuid firebird permissions, which might allow local users to gain privileges via a buffer overflow as identified by CVE-2006-1240, or possibly other vulnerabilities. • http://lists.grok.org.uk/pipermail/full-disclosure/2006-March/043546.html http://www.securityfocus.com/archive/1/427480/100/0/threaded http://www.securityfocus.com/bid/17077 https://exchange.xforce.ibmcloud.com/vulnerabilities/25282 •