10 - DSA-1529

Executive Summary

This Alert is flagged as TOP 25 Common Weakness Enumeration from CWE/SANS. For more information, you can read this.

Summary
Title	New Firebird packages fix several vulnerabilities

Informations
Name	DSA-1529	First vendor Publication	2008-03-24
Vendor	Debian	Last vendor Modification	2008-03-24
Severity (Vendor)	N/A	Revision	1

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C)
Cvss Base Score	10	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Low
Cvss Expoit Score	10	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Multiple security problems have been discovered in the Firebird database, which may lead to the execution of arbitrary code or denial of service.

This Debian security advisory is a bit unusual. While it's normally our strict policy to backport security bugfixes to older releases, this turned out to be infeasible for Firebird 1.5 due to large infrastructural changes necessary to fix these issues. As a consequence security support for Firebird 1.5 is hereby discontinued, leaving two options to administrators running a Firebird database:

I. Administrators running Firebird in a completely internal setup with trusted users could leave it unchanged.

II. Everyone else should upgrade to the firebird2.0 packages available at http://www.backports.org/backports.org/pool/main/f/firebird2.0/

Version 2.0.3.12981.ds1-6~bpo40+1 fixes all known issues.

Please refer to the general backports.org documentation to add the packages to your package management configuration: http://www.backports.org/dokuwiki/doku.php?id=instructions

These packages are backported to run with Debian stable. Since firebird2.0 is not a drop-in replacement for firebird2 (which is the source package name for the Firebird 1.5 packages) these updates are not released through security.debian.org. Potential future security problems affecting Debian stable will be released through backports.org as well.

Arrangements have been made to ensure that Firebird in the upcoming Debian 5.0 release will be supportable with regular backported security bugfixes again.

For a more detailed descriptions of the security problems, please refer to the entries in the Debian Bug Tracking System referenced above and the following URLs:

http://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf

Original Source

Url : http://www.debian.org/security/2008/dsa-1529

CWE : Common Weakness Enumeration

%	Id	Name
50 %	CWE-119	Failure to Constrain Operations within the Bounds of a Memory Buffer
20 %	CWE-264	Permissions, Privileges, and Access Controls
10 %	CWE-200	Information Exposure
10 %	CWE-189	Numeric Errors (CWE/SANS Top 25)
10 %	CWE-20	Improper Input Validation

CPE : Common Platform Enumeration

Type	Description	Count
Application	Bakbone Netvault cpe:2.3:a:bakbone:netvault:6.x:::::::*	1
Application	Firebirdsql Firebird cpe:2.3:a:firebirdsql:firebird:2.1.0:::::::* cpe:2.3:a:firebirdsql:firebird:2.1:::::::* cpe:2.3:a:firebirdsql:firebird:2.0.2:::::::* cpe:2.3:a:firebirdsql:firebird:2.0.1.12855::windows::::: cpe:2.3:a:firebirdsql:firebird:2.0.1.12855::linux::::: cpe:2.3:a:firebirdsql:firebird:2.0.1:::::::* cpe:2.3:a:firebirdsql:firebird:2.0.0.12748::windows::::: cpe:2.3:a:firebirdsql:firebird:2.0.0.12748:::::::* cpe:2.3:a:firebirdsql:firebird:2.0.0.12748::linux::::: cpe:2.3:a:firebirdsql:firebird:2.0.0:::::::* cpe:2.3:a:firebirdsql:firebird:1.5.5:::::::* cpe:2.3:a:firebirdsql:firebird:1.5.4.4910::linux::::: cpe:2.3:a:firebirdsql:firebird:1.5.4.4910::windows::::: cpe:2.3:a:firebirdsql:firebird:1.5.4.4910:::::::* cpe:2.3:a:firebirdsql:firebird:1.5.3.4870::windows::::: cpe:2.3:a:firebirdsql:firebird:1.5.3.4870::linux::::: cpe:2.3:a:firebirdsql:firebird:1.5.3.4870:::::::* cpe:2.3:a:firebirdsql:firebird:1.5.2.4731:::::::* cpe:2.3:a:firebirdsql:firebird:1.5.2:::::::* cpe:2.3:a:firebirdsql:firebird:1.5.1:::::::* cpe:2.3:a:firebirdsql:firebird:1.5:::::::* cpe:2.3:a:firebirdsql:firebird:1.0.2:::::::* cpe:2.3:a:firebirdsql:firebird:1.0:::::::* cpe:2.3:a:firebirdsql:firebird:0.7:::::::* cpe:2.3:a:firebirdsql:firebird::::::::	25

SAINT Exploits

Description	Link
Firebird username buffer overflow	More info here

OpenVAS Exploits

Date	Description
2008-09-24	Name : Gentoo Security Advisory GLSA 200707-01 (firebird) File : nvt/glsa_200707_01.nasl
2008-09-24	Name : Gentoo Security Advisory GLSA 200803-02 (firebird) File : nvt/glsa_200803_02.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
43783	Firebird Services API Remote Server Log (firebird.log) Disclosure
43782	Firebird Unspecified Database Operations Remote CPU Consumption DoS
43187	Firebird SQL Multiple XDR Requests Remote Memory Corruption Overflow
41551	Firebird Malformed Traffic (Vulnerability Scan) Remote DoS
41550	Firebird Crafted Protocol Versions Remote DoS
41549	Firebird Database Creation Arbitrary Database Overwrite
41548	Firebird WNET Unspecified Overflows
41547	Firebird Multiple Unspecified Overflows
41546	Firebird fb_lock_mgr Semaphore Array Locking Local DoS
40924	Firebird Username Remote Overflow
37314	Firebird attach / create Database Functions Unspecified Issue
37313	Firebird Server Crafted XNET Session Remote DoS
37312	Firebird Server Crafted Packet Remote DoS
37311	Firebird Services API Unspecified Remote DoS
37310	Firebird Unspecified Remote File Enumeration
37309	Firebird msgs\check_msgs.epp Unspecified Overflow
37308	Firebird config\ConfigFile.cpp Unspecified Overflow
37231	Firebird SQL fbserver.exe p_cnct_count Value Remote Overflow A buffer overflow exists in Firebird. The database service fails to validate connect request packets received on TCP port 3050 resulting in a buffer overflow. With a specially crafted request, a remote attacker can cause arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date	Description
2014-11-19	Firebird database invalid state integer overflow attempt RuleID : 32224 - Revision : 2 - Type : SERVER-OTHER
2014-11-19	Firebird database invalid state integer overflow attempt RuleID : 32223 - Revision : 2 - Type : SERVER-OTHER
2014-01-10	Firebird database invalid state integer overflow attempt RuleID : 17556 - Revision : 9 - Type : SERVER-OTHER
2014-01-10	Firebird Database Server username handling buffer overflow RuleID : 13522 - Revision : 8 - Type : SERVER-OTHER
2014-01-10	Firebird Fbserver buffer overflow attempt RuleID : 12009 - Revision : 4 - Type : SQL

Nessus® Vulnerability Scanner

Date	Description
2008-03-28	Name : The remote Debian host is missing a security-related update. File : debian_DSA-1529.nasl - Type : ACT_GATHER_INFO
2008-03-04	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200803-02.nasl - Type : ACT_GATHER_INFO
2007-07-02	Name : The remote Gentoo host is missing one or more security-related patches. File : gentoo_GLSA-200707-01.nasl - Type : ACT_GATHER_INFO
2007-06-13	Name : The remote database server allows execution of arbitrary code. File : firebird_overflow.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-02-17 11:27:28	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	10
CPE ID(s)	26
Saint Exploit(s)	1
osvdb(s)	18
Openvas Exploit(s)	2
Snort® Rule(s)	5
Nessus® Exploit(s)	4

	Related
10	CVE-2008-0467
10	CVE-2007-3181
7.8	CVE-2008-0387
7.8	CVE-2007-2606
7.8	CVE-2006-7214
7.5	CVE-2007-4664
6.8	CVE-2007-3527
6.8	CVE-2006-7212
5.5	CVE-2006-7213
5	CVE-2007-4668
5	CVE-2007-4667
5	CVE-2007-4666
5	CVE-2007-4665
4.9	CVE-2006-7211
4	CVE-2007-4669
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 15 more Alert(s)