KLA10741
Denial of service vulnerability in FireBird

Обновлено: 03/06/2020
Дата обнаружения
13/01/2016
Уровень угрозы
Warning
Описание

Improper commands usage at RDBMS was found in FireBird. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via vectors related to gbak utility.


Technical details

This vulnerability related to unhandled case exception at burp.cpp. This vulnerability can be exploited by remote authenticated user via a specially designed gbak command with typo.

Пораженные продукты

Firebird version 2.5.5

Решение

Since vulnerability was introduced at 2.5.5 version you can downgrade to earlier versions or wait for update to next version which isn’t released right now
FireBird download page

Первичный источник обнаружения
Openwall advisory
Openwall advisory
FireBird advisory
Оказываемое влияние
?
DoS 
[?]
Связанные продукты
Firebird
CVE-IDS
CVE-2016-15694.0Warning
Узнай статистику распространения уязвимостей в твоем регионе