21 matches found
Linux Distros Unpatched Vulnerability : CVE-2017-11509
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. CVE-2017-115...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
Debian DLA-1374-1 : firebird2.5 security update
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. The only known solution is to disable external UDF libraries from being loaded. In order to achieve this, the default configuration has changed to...
[SECURITY] [DLA 1374-1] firebird2.5 security update
Package : firebird2.5 Version : 2.5.2.26540.ds4-1deb7u4 CVE ID : CVE-2017-11509 An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. The only known solution is to disable external UDF libraries from bei...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
Sql injection
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
DEBIAN-CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
CVE-2017-11509
CVE-2017-11509 is an authenticated remote code execution in Firebird SQL Server, triggered by executing a malformed SQL statement. The vulnerability affects Firebird versions 2.5.7 and 3.0.2, allowing an authenticated attacker to run arbitrary code on the server. Publicly documented remediation v...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
EUVD-2017-3126
An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement...
Firebird SQL Server for Linux Installed (credentialed check)
Firebird SQL Server, an open source database server, is installed on the remote Linux host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid99133; scriptversion"1.7"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/05/24"; scriptxrefname:"IAVT",...
Firebird SQL Server for Linux 2.5.x < 2.5.7 / 3.0.x < 3.0.2 UDF Libraries RCE
The version of Firebird SQL Server for Linux installed on the remote host is 2.5.x prior to 2.5.7 or 3.0.x prior to 3.0.2. It is, therefore, affected by a flaw in the UDF component due to insufficient restrictions on access to external functions by the symbols of the UDF library. An authenticated...
Firebird SQL Server Remote Denial of Service (CVE-2014-9323)
The version of Firebird SQL Server installed on the remote host is vulnerable to a remote denial of service attack. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid80104; scriptversion"1.8"; scriptsetattributeattribute:"pluginmodificationdate", value:"2021/06/03";...
Firebird SQL Server Installed
Binary data firebirdinstalled.nbin...
Firebird Relational Database CNCT Group Number Buffer Overflow
This Metasploit module exploits a vulnerability in Firebird SQL Server. A specially crafted packet can be sent which will overwrite a pointer allowing the attacker to control where data is read from. Shortly, following the controlled read, the pointer is called resulting in code execution. The...
Firebird - Relational Database CNCT Group Number Buffer Overflow (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'Firebird Relational Database CNCT Group Number Buffer Overflow', 'Description' = %q This module exploits a vulnerability in...
Firebird SQL server integer overflow
Integer overflow on XDR parsing leads to memory corruption...