Firebird Relational Database Multiple Remote Stack Buffer Overflow Vulnerabilities

Bugtraq ID:	25925
Class:	Boundary Condition Error
CVE:	CVE-2007-5245
Remote:	Yes
Local:	No
Published:	Oct 04 2007 12:00AM
Updated:	Jan 25 2008 07:38PM
Credit:	Adriano Lima and Ramon de Carvalho Valle of RISE Security are credited with the discovery of these vulnerabilities.
Vulnerable:	Firebird Firebird 1.5 Firebird Firebird WI-2.01.12855 Firebird Firebird WI-2.0.0.12748 Firebird Firebird WI-1.5.4.4910 Firebird Firebird WI-1.5.3.4870 Firebird Firebird LI-2.0.1.12855 Firebird Firebird LI-2.0.0.12748 Firebird Firebird LI-1.5.4.4910 Firebird Firebird LI-1.5.3.4870 Firebird Firebird 2.0 Docsvault Small Business Edition 2.0 Docsvault Professional Edition 2.0
Not Vulnerable:	Firebird Firebird WI-2.0.3.12981 Firebird Firebird WI-2.0.0.12748 Firebird Firebird LI-V2.0.0.12748 Firebird Firebird LI-2.0.3.12981

Firebird Relational Database Multiple Remote Stack Buffer Overflow Vulnerabilities

Firebird is prone to multiple remote stack-based buffer-overflow vulnerabilities because the application fails to perform adequate boundary-checks on user-supplied data.

An attacker could exploit these issues to execute arbitrary code within the context of the affected application. Successfully exploiting this issue may result in the remote compromise of affected computers. Failed exploit attempts will result in a denial-of-service condition.

Firebird Relational Database Multiple Remote Stack Buffer Overflow Vulnerabilities

The following Metasploit exploit modules are available:

• /data/vulnerabilities/exploits/fb_svc_attach.rb
• /data/vulnerabilities/exploits/fb_isc_create_database.rb
• /data/vulnerabilities/exploits/fb_isc_attach_database.rb

Firebird Relational Database Multiple Remote Stack Buffer Overflow Vulnerabilities

Solution:
The vendor released updates to address these issues. Please see the references for more information.


Firebird Firebird WI-1.5.4.4910

• Firebird Firebird-2.0.3.12981-1-Win32.exe
  http://downloads.sourceforge.net/firebird/Firebird-2.0.3.12981-1-Win32 .exe

Firebird Firebird LI-2.0.0.12748

• Firebird Firebird-2.0.3.12981-1-Win32.exe
  http://downloads.sourceforge.net/firebird/Firebird-2.0.3.12981-1-Win32 .exe

Firebird Firebird LI-1.5.3.4870

• Firebird Firebird-2.0.3.12981-1-Win32.exe
  http://downloads.sourceforge.net/firebird/Firebird-2.0.3.12981-1-Win32 .exe

Firebird Firebird WI-2.0.0.12748

• Firebird Firebird-2.0.3.12981-1-Win32.exe
  http://downloads.sourceforge.net/firebird/Firebird-2.0.3.12981-1-Win32 .exe

Firebird Firebird LI-2.0.1.12855

• Firebird Firebird-2.0.3.12981-1-Win32.exe
  http://downloads.sourceforge.net/firebird/Firebird-2.0.3.12981-1-Win32 .exe

Firebird Firebird WI-1.5.3.4870

• Firebird Firebird-2.0.3.12981-1-Win32.exe
  http://downloads.sourceforge.net/firebird/Firebird-2.0.3.12981-1-Win32 .exe

Firebird Firebird WI-2.01.12855

• Firebird Firebird-2.0.3.12981-1-Win32.exe
  http://downloads.sourceforge.net/firebird/Firebird-2.0.3.12981-1-Win32 .exe

Firebird Firebird LI-1.5.4.4910

• Firebird Firebird-2.0.3.12981-1-Win32.exe
  http://downloads.sourceforge.net/firebird/Firebird-2.0.3.12981-1-Win32 .exe

Firebird Relational Database Multiple Remote Stack Buffer Overflow Vulnerabilities

References:

• Firebird Homepage (Firebird)
  
• Firebird Relational Database Multiple Buffer Overflow Vulnerabilities ([email protected])
  
• Firebird Relational Database Multiple Buffer Overflow Vulnerabilities (Rise Security)