KLA10741
Denial of service vulnerability in FireBird
Updated: 06/17/2019
Detect date
01/13/2016
Severity
Warning
Description

Improper command usage in the RDBMS was found in Firebird. By exploiting this vulnerability, malicious users can cause a denial of service. The vulnerability can be exploited remotely via vectors related to the gbak utility.


Technical details

This vulnerability is related to an unhandled case exception in burp.cpp. It can be exploited by a remote authenticated user via a specially crafted gbak command containing a typo.

Affected products

Firebird version 2.5.5

Solution

Since the vulnerability was introduced in version 2.5.5, you can downgrade to an earlier version or wait for the update to the next version, which has not been released yet.
FireBird download page

Original advisories

Openwall advisory
Openwall advisory
FireBird advisory

Impacts
DoS
CVE-IDS
CVE-2016-1569 4.0 Warning