Firebird Process_Packet Remote Buffer Overflow Vulnerability

Bugtraq ID:	26011
Class:	Boundary Condition Error
CVE:	CVE-2007-4992
Remote:	Yes
Local:	No
Published:	Oct 10 2007 12:00AM
Updated:	Dec 18 2007 08:06PM
Credit:	This issue was disclosed in the referenced ZDI advisory.
Vulnerable:	Gentoo Linux Firebird Firebird 2.5.0
Not Vulnerable:	Firebird Firebird 2.0.3

Firebird Process_Packet Remote Buffer Overflow Vulnerability

Firebird is prone to a remote stack-based buffer-overflow vulnerability.

An attacker can exploit this issue to execute arbitrary machine code in the context of the affected database server. Failed exploit attempts will likely crash the server, denying service to legitimate users.

Firebird 2.0.2 is vulnerable; previous versions may also be affected.

Firebird Process_Packet Remote Buffer Overflow Vulnerability

Currently we are not aware of any working exploits for this issue. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Firebird Process_Packet Remote Buffer Overflow Vulnerability

Solution:
The vendor addressed this issue in Firebird 2.0.3. Please see the vendor references for more information.

Firebird Process_Packet Remote Buffer Overflow Vulnerability

References:

• Firebird Homepage (Firebird)
  
• Firebird-2.0.3-ReleaseNotes (Firebird)
  
• ZDI-07-057 Firebird process_packet() Remote Stack Overflow Vulnerability (Zero Day Initiative)