Gentoo Linux Security Advisory 201512-11 - A buffer overflow in Firebird might allow remote attackers to execute arbitrary code. Versions less than 2.5.3.26780.0-r3 are affected.
ebf0cf5595dd71c229b90d80a98688f967ad738a36910c14c911ecb6c69d4a5a
Debian Linux Security Advisory 2648-1 - A buffer overflow was discovered in the Firebird database server, which could result in the execution of arbitrary code. In addition, a denial of service vulnerability was discovered in the TraceManager.
3fc375a47b826db087cce2564e87b9c320aab1c05447a531e7f739a3bf803897
Debian Linux Security Advisory 2647-1 - A buffer overflow was discovered in the Firebird database server, which could result in the execution of arbitrary code.
d47fae449bdaf311c4618b1ae36fe78802d600ce4163213705762394cfc40e0f
This Metasploit module exploits a vulnerability in Firebird SQL Server. A specially crafted packet can be sent which will overwrite a pointer, allowing the attacker to control where data is read from. Shortly after the controlled read, the pointer is called, resulting in code execution. The vulnerability lies in a group number extracted from the CNCT information, which is sent by the client and whose size is not properly checked. This Metasploit module uses an existing call to memcpy, just prior to the vulnerable code, which allows a small amount of data to be written to the stack. A two-phase stack pivot allows execution of the ROP chain, which is ultimately used to execute VirtualAlloc and bypass DEP.
7de29ccbc4fc0af57c3834340b87fbe2ce27419e8888190bc1a4620767590552