3 matches found
Gentoo Security Advisory GLSA 200805-06 (firebird)
The remote host is missing updates announced in advisory GLSA 200805-06. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Firebird on Gentoo Linux /etc/conf.d/firebird Invocation ISC_PASSWORD Authentication Bypass
The version of Firebird on the remote host sets the 'ISCPASSWORD' environment variable before starting the database server and uses that for remote client connections when a password is not supplied. An attacker can leverage this issue to connect as 'SYSDBA' with an empty password and gain access...
CVE-2008-1880
The CVE-2008-1880 entry concerns Firebird on Gentoo Linux. The default Gentoo init script sets the ISC_PASSWORD environment variable when starting Firebird, which is used for remote SYSDBA connections if no password is supplied. This allows remote attackers to bypass SYSDBA authentication and obt...