Firebird 1.5 - Local Inet_Server Buffer Overflow Vulnerability

ID EDB-ID:27418
Type exploitdb
Reporter Joxean Koret
Modified 2006-03-13T00:00:00


Firebird 1.5 Local Inet_Server Buffer Overflow Vulnerability. CVE-2006-1240. Dos exploit for windows platform


Firebird is susceptible to a local buffer-overflow vulnerability. This issue is due to the application's failure to properly check boundaries of user-supplied command-line argument data before copying it to an insufficiently sized memory buffer.

Attackers may exploit this issue to execute arbitrary machine code with elevated privileges, because the affected binaries are often installed with setuid privileges.

./fbserver -p `perl -e 'print "a"x155;'`1234