Zero Day Initiative

TippingPoint Zero Day Initiative

ZDI STATISTICS...

# Created Cases:	1,318
# Researchers:	810
Avg. Verification Time:	15 days

Firebird process_packet() Remote Stack Overflow Vulnerability

ZDI-07-057: October 10th, 2007

CVE ID

Affected Vendors

Affected Products

Vulnerability Details

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Firebird SQL server. Authentication is not required to exploit this vulnerability.

The specific flaw exists within the database service fbserver.exe, which binds to TCP port 3050. When processing an overly long request, a stack buffer can be overflowed through a vulnerable call to sprintf() within the function process_packet(). If properly exploited, remote control of the affected system can be attained with SYSTEM credentials.

Vendor Response

Firebird has issued an update to correct this vulnerability. More details can be found at:

http://www.firebirdsql.org/rlsnotes/Firebird-2.0.3-ReleaseNotes.pdf

Disclosure Timeline

Credit

This vulnerability was discovered by:

Published Advisories

ZDI-08-044: Mozilla Firefox

published 2008-07-17

ZDI-08-043: Sun Microsystems

published 2008-07-17

ZDI-08-042: Sun Microsystems

published 2008-07-17

ZDI-08-041: Novell

published 2008-07-10

ZDI-08-040: Microsoft

published 2008-06-10

Upcoming Advisories

reported 2008-07-08, 13 days ago

reported 2008-07-07, 14 days ago

reported 2008-07-07, 14 days ago

reported 2008-07-03, 18 days ago

reported 2008-06-26, 25 days ago

Recent Press

iPhone and iPod Touch updated with security patches

published 2008-07-11, CNET

Apple TV gets a security update

published 2008-07-10, CNET

First reports of a Firefox 3 vulnerability

published 2008-06-19, BetaNews

Researchers disclose Firefox 3 flaws

published 2008-06-19, SecurityFocus

Millions of downloads -- and the first critical ...

published 2008-06-19, SCMagazine