CVSS2: 6.8 Medium (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL
EPSS: 0.761 High (Percentile 98.2%)
Stack-based buffer overflow in Firebird 2.1.3 through 2.1.5 before 18514, and 2.5.1 through 2.5.3 before 26623, on Windows allows remote attackers to execute arbitrary code via a crafted packet to TCP port 3050, related to a missing size check during extraction of a group number from CNCT information.
Recent assessments:
zeroSteiner at January 10, 2020 10:32pm UTC reported:
The FirebirdSQL server is vulnerable to a stack buffer overflow that can be triggered when an unauthenticated user sends a specially crafted packet. The result can lead to remote code execution as the user that runs the FirebirdSQL server.
A lack of ASLR in some modules makes exploiting this vulnerability easier as memory locations do not need to be leaked. If the service crashes, it will automatically be restarted in the default configuration.
Assessed Attacker Value: 3
Assessed Attacker Value: 5
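The description above names the root cause (a length byte taken from the CNCT user-identification block drives a copy into a fixed-size group number with no size check), and the assessment names the consequence (control of the stack as an unauthenticated client). The following C program is an added example, not Firebird's code and not the Metasploit module: it models the tag-length-value parse over a small simulated stack frame, shows the unchecked copy beside a hardened parser that rejects any group entry whose length is not the size of the target integer, and feeds both a benign and a crafted packet. The CNCT tag numbers, the frame layout, the "saved return" offset and both packets are constructed assumptions for the demonstration; the only thing taken from the advisory is the missing check itself.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Tag values are constructed for this example; Firebird's real CNCT_* tags
 * are defined in its protocol headers and may carry different numbers. */
enum { CNCT_user = 1, CNCT_group = 4 };

/* Model of the parsing function's stack frame (assumed layout, not
 * Firebird's): the 4-byte group id sits at offset 0, and a "saved return
 * address" slot sits 8 bytes above it, which is what an overflow must reach. */
#define FRAME_SIZE 12
#define FRAME_RET   8
#define SENTINEL_RET 0x11111111u

static uint32_t le32(const uint8_t *b) {
    return (uint32_t)b[0] | (uint32_t)b[1] << 8 |
           (uint32_t)b[2] << 16 | (uint32_t)b[3] << 24;
}

static void put32(uint8_t *b, uint32_t v) {
    b[0] = v & 0xff; b[1] = (v >> 8) & 0xff;
    b[2] = (v >> 16) & 0xff; b[3] = (v >> 24) & 0xff;
}

/* Vulnerable pattern: the attacker-supplied length byte sets how many bytes
 * are copied into a 4-byte target. The copy is capped at FRAME_SIZE only so
 * the demonstration stays inside the model frame; the real bug had no cap. */
int parse_cnct_vulnerable(const uint8_t *p, size_t n, uint8_t frame[FRAME_SIZE]) {
    size_t i = 0;
    while (i + 2 <= n) {
        uint8_t tag = p[i], len = p[i + 1];
        i += 2;
        if (i + len > n) return -1;                     /* truncated entry */
        if (tag == CNCT_group) {
            size_t copy = len > FRAME_SIZE ? FRAME_SIZE : len;
            memcpy(frame, p + i, copy);                 /* BUG: len may exceed 4 */
        }
        i += len;
    }
    return 0;
}

/* Hardened form: the group value must be exactly the size of the integer it
 * is decoded into; anything else is rejected before a byte is written. */
int parse_cnct_fixed(const uint8_t *p, size_t n, uint8_t frame[FRAME_SIZE]) {
    size_t i = 0;
    while (i + 2 <= n) {
        uint8_t tag = p[i], len = p[i + 1];
        i += 2;
        if (i + len > n) return -1;                     /* truncated entry */
        if (tag == CNCT_group) {
            if (len != sizeof(uint32_t)) return -2;     /* the missing size check */
            memcpy(frame, p + i, sizeof(uint32_t));
        }
        i += len;
    }
    return 0;
}

/* Runs the vulnerable parser on a fresh frame and reports the saved-return
 * slot afterwards; SENTINEL_RET means the overflow did not reach it. */
uint32_t vulnerable_saved_ret(const uint8_t *pkt, size_t n) {
    uint8_t frame[FRAME_SIZE] = {0};
    put32(frame + FRAME_RET, SENTINEL_RET);
    parse_cnct_vulnerable(pkt, n, frame);
    return le32(frame + FRAME_RET);
}

/* Return code of the hardened parser for a packet (0 ok, -1 truncated, -2 bad group). */
int fixed_parse_rc(const uint8_t *pkt, size_t n) {
    uint8_t frame[FRAME_SIZE] = {0};
    return parse_cnct_fixed(pkt, n, frame);
}

/* Group id decoded by the hardened parser (only meaningful when rc == 0). */
uint32_t fixed_group(const uint8_t *pkt, size_t n) {
    uint8_t frame[FRAME_SIZE] = {0};
    parse_cnct_fixed(pkt, n, frame);
    return le32(frame);
}

/* Constructed packets: a benign one carrying a 4-byte group, and one whose
 * 12-byte group entry lands its last four bytes on the saved-return slot. */
const uint8_t benign[] = {
    CNCT_user, 6, 'S','Y','S','D','B','A',
    CNCT_group, 4, 0x39, 0x05, 0x00, 0x00,          /* group 1337 */
};
const uint8_t crafted[] = {
    CNCT_user, 6, 'S','Y','S','D','B','A',
    CNCT_group, 12, 'A','A','A','A','A','A','A','A', 0xef, 0xbe, 0xad, 0xde,
};

int main(void) {
    printf("vulnerable parser, benign packet:  saved ret = 0x%08x\n",
           vulnerable_saved_ret(benign, sizeof benign));
    printf("vulnerable parser, crafted packet: saved ret = 0x%08x\n",
           vulnerable_saved_ret(crafted, sizeof crafted));
    printf("fixed parser, benign packet:  rc=%d group=%u\n",
           fixed_parse_rc(benign, sizeof benign), fixed_group(benign, sizeof benign));
    printf("fixed parser, crafted packet: rc=%d\n", fixed_parse_rc(crafted, sizeof crafted));
    return 0;
}
```

The benign packet leaves the sentinel in place under both parsers; the crafted one overwrites the model's return slot under the vulnerable parser and is refused outright by the hardened one. Rejecting on length rather than truncating the copy is the right fix: a silently truncated group id would still be attacker-controlled, just shorter.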
References:
https://lists.opensuse.org/opensuse-security-announce/2013-03/msg00036.html
https://lists.opensuse.org/opensuse-security-announce/2013-03/msg00039.html
https://tracker.firebirdsql.org/browse/CORE-4058
https://www.debian.org/security/2013/dsa-2647
https://www.debian.org/security/2013/dsa-2648
https://www.securityfocus.com/bid/58393
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2492
https://gist.github.com/zeroSteiner/85daef257831d904479c
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/fb_cnct_group.rb
https://security.gentoo.org/glsa/201512-11