CVE-2007-4992
Firebird process_packet() Remote Stack Overflow Vulnerability
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Stack-based buffer overflow in the process_packet function in fbserver.exe in Firebird SQL 2.0.2 allows remote attackers to execute arbitrary code via a long request to TCP port 3050.
Desbordamiento de búfer basado en pila en la función process_packet de fbserver.exe en Firebird SQL 2.0.2 permite a atacantes remotos ejecutar código de su elección mediante una petición larga al puerto TCP 3050.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firebird SQL server. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the database service fbserver.exe, which binds to TCP port 3050. When processing an overly long request, a stack buffer can be overflowed through a vulnerable call to sprintf() within the function process_packet(). If properly exploited, remote control of the affected system can be attained with SYSTEM credentials.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-09-20 CVE Reserved
- 2007-10-10 CVE Published
- 2024-07-07 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (9)
URL | Tag | Source |
---|---|---|
http://bugs.gentoo.org/show_bug.cgi?id=195569 | X_refsource_confirm | |
http://secunia.com/advisories/27982 | Third Party Advisory | |
http://securitytracker.com/id?1018802 | Vdb Entry | |
http://www.firebirdsql.org/rlsnotes/Firebird-2.0.3-ReleaseNotes.pdf | X_refsource_confirm | |
http://www.securityfocus.com/archive/1/482025/100/0/threaded | Mailing List | |
http://www.securityfocus.com/bid/26011 | Vdb Entry | |
http://www.zerodayinitiative.com/advisories/ZDI-07-057.html | X_refsource_misc | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/37079 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://security.gentoo.org/glsa/glsa-200712-06.xml | 2018-10-15 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Firebirdsql Search vendor "Firebirdsql" | Firebird Search vendor "Firebirdsql" for product "Firebird" | 2.0.2 Search vendor "Firebirdsql" for product "Firebird" and version "2.0.2" | - |
Affected
|