This CPE summary could be partial or incomplete. Please contact us for a detailed listing.
Summary
| Detail | |||
|---|---|---|---|
| Vendor | Firebirdsql | First view | 2009-07-29 |
| Product | Firebird | Last view | 2014-12-16 |
| Version | 2.5 | Type | Application |
| Update | beta_2 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:firebirdsql:firebird | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5 | 2014-12-16 | CVE-2014-9323 | The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status. |
| 5 | 2009-07-29 | CVE-2009-2620 | src/remote/server.cpp in fbserver.exe in Firebird SQL 1.5 before 1.5.6, 2.0 before 2.0.6, 2.1 before 2.1.3, and 2.5 before 2.5 Beta 2 allows remote attackers to cause a denial of service (daemon crash) via a malformed op_connect_request message that triggers an infinite loop or NULL pointer dereference. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 50% (1) | CWE-476 | NULL Pointer Dereference |
| 50% (1) | CWE-20 | Improper Input Validation |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 56606 | Firebird op_connect_request Packet Handling Remote DoS |
ExploitDB Exploits
| id | Description |
|---|---|
| 9295 | Firebird SQL op_connect_request main listener shutdown Vulnerability |
OpenVAS Exploits
| id | Description |
|---|---|
| 2009-09-11 | Name : Firebird SQL 'op_connect_request' Denial Of Service Vulnerability (Win) File : nvt/gb_firebird_dos_vuln_win.nasl |
| 2009-09-02 | Name : Fedora Core 10 FEDORA-2009-8317 (firebird) File : nvt/fcore_2009_8317.nasl |
| 2009-09-02 | Name : Fedora Core 11 FEDORA-2009-8340 (firebird) File : nvt/fcore_2009_8340.nasl |
| 2009-08-17 | Name : Mandrake Security Advisory MDVSA-2009:186 (firebird) File : nvt/mdksa_2009_186.nasl |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Firebird SQL op_connect_request denial of service attempt RuleID : 15896 - Type : SERVER-OTHER - Revision : 9 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-123.nasl - Type: ACT_GATHER_INFO |
| 2015-03-26 | Name: The remote Debian host is missing a security update. File: debian_DLA-130.nasl - Type: ACT_GATHER_INFO |
| 2014-12-22 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-3109.nasl - Type: ACT_GATHER_INFO |
| 2014-12-22 | Name: The remote Fedora host is missing a security update. File: fedora_2014-16524.nasl - Type: ACT_GATHER_INFO |
| 2014-12-22 | Name: The remote Fedora host is missing a security update. File: fedora_2014-16561.nasl - Type: ACT_GATHER_INFO |
| 2014-12-18 | Name: The remote Windows host has an application that is vulnerable to a remote den... File: firebird_local_cve-2014-9323.nasl - Type: ACT_GATHER_INFO |
| 2009-09-02 | Name: The remote Fedora host is missing a security update. File: fedora_2009-8317.nasl - Type: ACT_GATHER_INFO |
| 2009-09-02 | Name: The remote Fedora host is missing a security update. File: fedora_2009-8340.nasl - Type: ACT_GATHER_INFO |
