[Forgot Password]
Login  Register Subscribe

23631

 
 

117687

 
 

98503

 
 

909

 
 

79281

 
 

109

Paid content will be excluded from the download.


Download | Alert*
CVE
view XML

CVE-2008-0467

Date: (C)2008-01-28   (M)2017-08-08 


Stack-based buffer overflow in Firebird before 2.0.4, and 2.1.x before 2.1.0 RC1, might allow remote attackers to execute arbitrary code via a long username.

CVSS Score: 10.0Access Vector: NETWORK
Exploit Score: 10.0Access Complexity: LOW
Impact Score: 10.0Authentication: NONE
 Confidentiality: COMPLETE
 Integrity: COMPLETE
 Availability: COMPLETE





Reference:
SECTRACK-1019277
BID-27467
SECUNIA-28596
SECUNIA-29203
SECUNIA-29501
ADV-2008-0300
DSA-1529
GLSA-200803-02
firebird-username-bo(39981)
http://sourceforge.net/project/shownotes.php?group_id=9028&release_id=570800
http://sourceforge.net/project/shownotes.php?release_id=570816&group_id=9028
http://tracker.firebirdsql.org/browse/CORE-1603

CPE    2
cpe:/a:firebirdsql:firebird:2.1:rc1
cpe:/a:firebirdsql:firebird:2.0.3
CWE    1
CWE-119

© 2013 SecPod Technologies