lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 26 May 2004 22:10:21 -0400 From: "KF (lists)" <kf_lists@...netops.com> To: bugtraq@...urityfocus.com Subject: Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird If you guys are bored you may make sure that the FireBird Team fixed this one too... http://www.mail-archive.com/bugtraq@securityfocus.com/msg11512.html -KF KF (lists) wrote: > Actually its more like 2 years old... > > http://www.securiteam.com/unixfocus/5CP0S0U7FG.html > http://seclists.org/lists/bugtraq/2002/Jun/0212.html > > I found that AGES ago. Hell I even sat on it 6 months while attempting > to get Borland to wake up (with out success). > > Better late than never I guess. > > -KF > > > b0f www.b0f.net wrote: > >> In-Reply-To: <40B0954A.6020103@...too.org> >> >> This bug is over 1 year old take a look here >> http://www.securityfocus.com/archive/1/321087/2003-05-08/2003-05-14/0 >> >> Also includes exploit. >> >> -b0f >> Hi bob >> >> >>> Received: (qmail 26887 invoked from network); 24 May 2004 15:08:38 >>> -0000 >>> Received: from outgoing.securityfocus.com (HELO >>> outgoing2.securityfocus.com) (205.206.231.26) >>> by mail.securityfocus.com with SMTP; 24 May 2004 15:08:38 -0000 >>> Received: from lists2.securityfocus.com (lists2.securityfocus.com >>> [205.206.231.20]) >>> by outgoing2.securityfocus.com (Postfix) with QMQP >>> id DEBEC14370F; Mon, 24 May 2004 17:07:45 -0600 (MDT) >>> Mailing-List: contact bugtraq-help@...urityfocus.com; run by ezmlm >>> Precedence: bulk >>> List-Id: <bugtraq.list-id.securityfocus.com> >>> List-Post: <mailto:bugtraq@...urityfocus.com> >>> List-Help: <mailto:bugtraq-help@...urityfocus.com> >>> List-Unsubscribe: <mailto:bugtraq-unsubscribe@...urityfocus.com> >>> List-Subscribe: <mailto:bugtraq-subscribe@...urityfocus.com> >>> Delivered-To: mailing list bugtraq@...urityfocus.com >>> Delivered-To: moderator for bugtraq@...urityfocus.com >>> Received: (qmail 27595 invoked from network); 23 May 2004 05:57:21 >>> -0000 >>> Message-ID: <40B0954A.6020103@...too.org> >>> Date: Sun, 23 May 2004 14:12:58 +0200 >>> From: Thierry Carrez <koon@...too.org> >>> Organization: Gentoo Linux >>> User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.6) >>> Gecko/20040327 >>> X-Accept-Language: en-us, en >>> MIME-Version: 1.0 >>> To: gentoo-announce@...ts.gentoo.org >>> Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com, >>> security-alerts@...uxsecurity.com >>> Subject: [ GLSA 200405-18 ] Buffer Overflow in Firebird >>> X-Enigmail-Version: 0.83.3.0 >>> X-Enigmail-Supports: pgp-inline, pgp-mime >>> Content-Type: text/plain; charset=us-ascii >>> Content-Transfer-Encoding: 7bit >>> >>> -----BEGIN PGP SIGNED MESSAGE----- >>> Hash: SHA1 >>> >>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - >>> - - - >>> Gentoo Linux Security Advisory GLSA 200405-18 >>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - >>> - - - >>> http://security.gentoo.org/ >>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - >>> - - - >>> >>> Severity: High >>> Title: Buffer Overflow in Firebird >>> Date: May 23, 2004 >>> Bugs: #20837 >>> ID: 200405-18 >>> >>> - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - >>> - - - >>> >>> Synopsis >>> ======== >>> >>> A buffer overflow via environmental variables in Firebird may allow a >>> local user to manipulate or destroy local databases and trojan the >>> Firebird binaries. >>> >>> Background >>> ========== >>> >>> Firebird is an open source relational database that runs on Linux, >>> Windows, and various UNIX systems. >>> >>> Affected packages >>> ================= >>> >>> ------------------------------------------------------------------- >>> Package / Vulnerable / Unaffected >>> ------------------------------------------------------------------- >>> 1 dev-db/firebird < 1.5 >= 1.5 >>> >>> Description >>> =========== >>> >>> A buffer overflow exists in three Firebird binaries (gds_inet_server, >>> gds_lock_mgr, and gds_drop) that is exploitable by setting a large >>> value to the INTERBASE environment variable. >>> >>> Impact >>> ====== >>> >>> An attacker could control program execution, allowing privilege >>> escalation to the UID of Firebird, full access to Firebird databases, >>> and trojaning the Firebird binaries. An attacker could use this to >>> compromise other user or root accounts. >>> >>> Workaround >>> ========== >>> >>> There is no known workaround. >>> >>> Resolution >>> ========== >>> >>> All users should upgrade to the latest version of Firebird: >>> >>> # emerge sync >>> >>> # emerge -pv ">=dev-db/firebird-1.5" >>> # emerge ">=dev-db/firebird-1.5" >>> >>> References >>> ========== >>> >>> [ 1 ] Bugtraq Security Announcement >>> http://securityfocus.com/bid/7546/info/ >>> [ 2 ] Sourceforge BugTracker Announcement >>> >>> http://sourceforge.net/tracker/?group_id=9028&atid=109028&func=detail&aid=739480 >>> >>> >>> Availability >>> ============ >>> >>> This GLSA and any updates to it are available for viewing at >>> the Gentoo Security Website: >>> >>> http://security.gentoo.org/glsa/glsa-200405-18.xml >>> >>> Concerns? >>> ========= >>> >>> Security is a primary focus of Gentoo Linux and ensuring the >>> confidentiality and security of our users machines is of utmost >>> importance to us. Any security concerns should be addressed to >>> security@...too.org or alternatively, you may file a bug at >>> http://bugs.gentoo.org. >>> >>> License >>> ======= >>> >>> Copyright 2004 Gentoo Technologies, Inc; referenced text >>> belongs to its owner(s). >>> >>> The contents of this document are licensed under the >>> Creative Commons - Attribution / Share Alike license. >>> >>> http://creativecommons.org/licenses/by-sa/1.0 >>> >>> -----BEGIN PGP SIGNATURE----- >>> Version: GnuPG v1.2.4 (GNU/Linux) >>> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org >>> >>> iD8DBQFAsJVJvcL1obalX08RAj+PAKCb9Fd0AtIgaUbIj171XyOS2C1KrwCgli71 >>> 8qHVQCl6dlag+WIA4iPZR7w= >>> =zCcg >>> -----END PGP SIGNATURE----- >>> >>> >> >> >> >> > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists