Showing 1 - 3 of 3

CVE-2008-0387

Status Candidate

Overview

Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.

Related Files

Debian Linux Security Advisory 1529-1: Posted Mar 27, 2008; Authored by Debian | Site debian.org; Debian Security Advisory 1529-1 - Multiple security problems have been discovered in the Firebird database, which may lead to the execution of arbitrary code or denial of service. This Debian security advisory is a bit unusual. While it's normally their strict policy to backport security bugfixes to older releases, this turned out to be infeasible for Firebird 1.5 due to large infrastructural changes necessary to fix these issues.; tags | advisory, denial of service, arbitrary; systems | linux, debian; advisories | CVE-2008-0387, CVE-2008-0467, CVE-2006-7211, CVE-2007-4664, CVE-2007-4665, CVE-2007-4666, CVE-2007-4667, CVE-2007-4668, CVE-2007-4669, CVE-2007-3527, CVE-2007-3181, CVE-2007-2606, CVE-2006-7212, CVE-2006-7213, CVE-2006-7214; SHA-256 | 1712f868cb7a8eae510a6a9ed3e7ca416b2fec26a21461b1e87fb98b151a008d; Download | Favorite | View

Gentoo Linux Security Advisory 200803-2: Posted Mar 3, 2008; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory GLSA 200803-02 - Firebird does not properly handle certain types of XDR requests, resulting in an integer overflow (CVE-2008-0387). Furthermore, it is vulnerable to a buffer overflow when processing usernames (CVE-2008-0467). Versions less than 2.0.3.12981.0-r5 are affected.; tags | advisory, overflow; systems | linux, gentoo; advisories | CVE-2008-0387, CVE-2008-0467; SHA-256 | e39831b3f006e5fd9594aee0dbf8c3c6b75e259996e7c5e1c1d17b0884cbf6b3; Download | Favorite | View

Core Security Technologies Advisory 2007.1219: Posted Jan 28, 2008; Authored by Core Security Technologies, Alfredo Ortega, Damian Frizza | Site coresecurity.com; Core Security Technologies Advisory - The Firebird database manager contains an integer overflow in the processing of certain tags on the XDR protocol used for communication with the server. Version vulnerable include Firebird SQL 1.0.3 and before, 1.5.5 and before, 2.0.3 and before, and 2.1.0 Beta 2 and before.; tags | exploit, overflow, protocol; advisories | CVE-2008-0387; SHA-256 | 049362d5b2e4e09658272b9a1503df66c276926189db05c55ad7bfdb78bb1d0c; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

CVE-2008-0387

Overview

Related Files

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems