Showing 1 - 3 of 3

CVE-2008-0387

Status Candidate

Overview

Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.

Related Files

Debian Linux Security Advisory 1529-1: Posted Mar 27, 2008; Authored by Debian | Site debian.org; Debian Security Advisory 1529-1 - Multiple security problems have been discovered in the Firebird database, which may lead to the execution of arbitrary code or denial of service. This Debian security advisory is a bit unusual. While it's normally their strict policy to backport security bugfixes to older releases, this turned out to be infeasible for Firebird 1.5 due to large infrastructural changes necessary to fix these issues.; tags | advisory, denial of service, arbitrary; systems | linux, debian; advisories | CVE-2008-0387, CVE-2008-0467, CVE-2006-7211, CVE-2007-4664, CVE-2007-4665, CVE-2007-4666, CVE-2007-4667, CVE-2007-4668, CVE-2007-4669, CVE-2007-3527, CVE-2007-3181, CVE-2007-2606, CVE-2006-7212, CVE-2006-7213, CVE-2006-7214; SHA-256 | 1712f868cb7a8eae510a6a9ed3e7ca416b2fec26a21461b1e87fb98b151a008d; Download | Favorite | View

Gentoo Linux Security Advisory 200803-2: Posted Mar 3, 2008; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200803-02 - Firebird does not properly handle certain types of XDR requests, resulting in an integer overflow (CVE-2008-0387). Furthermore, it is vulnerable to a buffer overflow when processing usernames (CVE-2008-0467). Versions less than 2.0.3.12981.0-r5 are affected.; tags | advisory, overflow; systems | linux, gentoo; advisories | CVE-2008-0387, CVE-2008-0467; SHA-256 | e39831b3f006e5fd9594aee0dbf8c3c6b75e259996e7c5e1c1d17b0884cbf6b3; Download | Favorite | View

Core Security Technologies Advisory 2007.1219: Posted Jan 28, 2008; Authored by Core Security Technologies, Alfredo Ortega, Damian Frizza | Site coresecurity.com; Core Security Technologies Advisory - The Firebird database manager contains an integer overflow in the processing of certain tags on the XDR protocol used for communication with the server. Version vulnerable include Firebird SQL 1.0.3 and before, 1.5.5 and before, 2.0.3 and before, and 2.1.0 Beta 2 and before.; tags | exploit, overflow, protocol; advisories | CVE-2008-0387; SHA-256 | 049362d5b2e4e09658272b9a1503df66c276926189db05c55ad7bfdb78bb1d0c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 137 files
Ubuntu 106 files
Debian 22 files
Google Security Research 11 files
LiquidWorm 10 files
Abdulhakim Oner 8 files
Muhammad Navaid Zafar Ansari 7 files
nu11secur1ty 5 files
fearzzzz 5 files
Jann Horn 5 files

File Archives

Systems

AIX (426)
Apple (1,951)
BSD (370)
CentOS (56)
Cisco (1,919)
Debian (6,712)
Fedora (1,691)
FreeBSD (1,242)
Gentoo (4,288)
HPUX (878)
iOS (338)
iPhone (108)
IRIX (220)
Juniper (67)
Linux (45,108)
Mac OS X (684)
Mandriva (3,105)
NetBSD (256)
OpenBSD (482)
RedHat (12,912)
Slackware (941)
Solaris (1,609)
SUSE (1,444)
Ubuntu (8,439)
UNIX (9,207)
UnixWare (185)
Windows (6,531)
Other

CVE-2008-0387

Overview

Related Files

File Archive:

March 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems