header-logo
Suggest Exploit
vendor:
Firebird
by:
SecurityFocus
7.2
CVSS
HIGH
Buffer-Overflow
120
CWE
Product Name: Firebird
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: Yes
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2006

Firebird Local Buffer-Overflow Vulnerability

Firebird is susceptible to a local buffer-overflow vulnerability. This issue is due to the application's failure to properly check boundaries of user-supplied command-line argument data before copying it to an insufficiently sized memory buffer. Attackers may exploit this issue to execute arbitrary machine code with elevated privileges, because the affected binaries are often installed with setuid privileges.

Mitigation:

Ensure that Firebird is updated to the latest version and that all setuid privileges are removed.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/17077/info

Firebird is susceptible to a local buffer-overflow vulnerability. This issue is due to the application's failure to properly check boundaries of user-supplied command-line argument data before copying it to an insufficiently sized memory buffer.

Attackers may exploit this issue to execute arbitrary machine code with elevated privileges, because the affected binaries are often installed with setuid privileges.

./fbserver -p `perl -e 'print "a"x155;'`1234

Navigation

Suggest Exploit

Services By CQR