lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20040525173754.733.qmail@www.securityfocus.com>
Date: 25 May 2004 17:37:54 -0000
From: b0f www.b0f.net <b0fnet@...oo.com>
To: bugtraq@...urityfocus.com
Subject: Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird


In-Reply-To: <40B0954A.6020103@...too.org>

This bug is over 1 year old take a look here
http://www.securityfocus.com/archive/1/321087/2003-05-08/2003-05-14/0

Also includes exploit.

-b0f 

Hi bob 

>Received: (qmail 26887 invoked from network); 24 May 2004 15:08:38 -0000
>Received: from outgoing.securityfocus.com (HELO outgoing2.securityfocus.com) (205.206.231.26)
>  by mail.securityfocus.com with SMTP; 24 May 2004 15:08:38 -0000
>Received: from lists2.securityfocus.com (lists2.securityfocus.com [205.206.231.20])
>	by outgoing2.securityfocus.com (Postfix) with QMQP
>	id DEBEC14370F; Mon, 24 May 2004 17:07:45 -0600 (MDT)
>Mailing-List: contact bugtraq-help@...urityfocus.com; run by ezmlm
>Precedence: bulk
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq@...urityfocus.com>
>List-Help: <mailto:bugtraq-help@...urityfocus.com>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe@...urityfocus.com>
>List-Subscribe: <mailto:bugtraq-subscribe@...urityfocus.com>
>Delivered-To: mailing list bugtraq@...urityfocus.com
>Delivered-To: moderator for bugtraq@...urityfocus.com
>Received: (qmail 27595 invoked from network); 23 May 2004 05:57:21 -0000
>Message-ID: <40B0954A.6020103@...too.org>
>Date: Sun, 23 May 2004 14:12:58 +0200
>From: Thierry Carrez <koon@...too.org>
>Organization: Gentoo Linux
>User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) Gecko/20040327
>X-Accept-Language: en-us, en
>MIME-Version: 1.0
>To: gentoo-announce@...ts.gentoo.org
>Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com,
>	security-alerts@...uxsecurity.com
>Subject: [ GLSA 200405-18 ] Buffer Overflow in Firebird
>X-Enigmail-Version: 0.83.3.0
>X-Enigmail-Supports: pgp-inline, pgp-mime
>Content-Type: text/plain; charset=us-ascii
>Content-Transfer-Encoding: 7bit
>
>-----BEGIN PGP SIGNED MESSAGE-----
>Hash: SHA1
>
>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>Gentoo Linux Security Advisory                           GLSA 200405-18
>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>                                            http://security.gentoo.org/
>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
>  Severity: High
>     Title: Buffer Overflow in Firebird
>      Date: May 23, 2004
>      Bugs: #20837
>        ID: 200405-18
>
>- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
>
>Synopsis
>========
>
>A buffer overflow via environmental variables in Firebird may allow a
>local user to manipulate or destroy local databases and trojan the
>Firebird binaries.
>
>Background
>==========
>
>Firebird is an open source relational database that runs on Linux,
>Windows, and various UNIX systems.
>
>Affected packages
>=================
>
>    -------------------------------------------------------------------
>     Package          /   Vulnerable   /                    Unaffected
>    -------------------------------------------------------------------
>  1  dev-db/firebird         < 1.5                              >= 1.5
>
>Description
>===========
>
>A buffer overflow exists in three Firebird binaries (gds_inet_server,
>gds_lock_mgr, and gds_drop) that is exploitable by setting a large
>value to the INTERBASE environment variable.
>
>Impact
>======
>
>An attacker could control program execution, allowing privilege
>escalation to the UID of Firebird, full access to Firebird databases,
>and trojaning the Firebird binaries. An attacker could use this to
>compromise other user or root accounts.
>
>Workaround
>==========
>
>There is no known workaround.
>
>Resolution
>==========
>
>All users should upgrade to the latest version of Firebird:
>
>    # emerge sync
>
>    # emerge -pv ">=dev-db/firebird-1.5"
>    # emerge ">=dev-db/firebird-1.5"
>
>References
>==========
>
>  [ 1 ] Bugtraq Security Announcement
>        http://securityfocus.com/bid/7546/info/
>  [ 2 ] Sourceforge BugTracker Announcement
>
>http://sourceforge.net/tracker/?group_id=9028&atid=109028&func=detail&aid=739480
>
>Availability
>============
>
>This GLSA and any updates to it are available for viewing at
>the Gentoo Security Website:
>
>     http://security.gentoo.org/glsa/glsa-200405-18.xml
>
>Concerns?
>=========
>
>Security is a primary focus of Gentoo Linux and ensuring the
>confidentiality and security of our users machines is of utmost
>importance to us. Any security concerns should be addressed to
>security@...too.org or alternatively, you may file a bug at
>http://bugs.gentoo.org.
>
>License
>=======
>
>Copyright 2004 Gentoo Technologies, Inc; referenced text
>belongs to its owner(s).
>
>The contents of this document are licensed under the
>Creative Commons - Attribution / Share Alike license.
>
>http://creativecommons.org/licenses/by-sa/1.0
>
>-----BEGIN PGP SIGNATURE-----
>Version: GnuPG v1.2.4 (GNU/Linux)
>Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
>
>iD8DBQFAsJVJvcL1obalX08RAj+PAKCb9Fd0AtIgaUbIj171XyOS2C1KrwCgli71
>8qHVQCl6dlag+WIA4iPZR7w=
>=zCcg
>-----END PGP SIGNATURE-----
>


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ