In association with heise online

13 June 2007, 10:42

Buffer overflow vulnerability in Firebird database

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The security research company TippingPoint has released information about a vulnerability in the Firebird OpenSource SQL database that allowed remote attackers to compromise the server through a weakness in processing requests.

The vulnerability could be exploited to cause a buffer overflow when processing a connect request on the fbserver.exe server, which listens for requests by default on the port 3050/TCP. The developers fixed the vulnerability starting with Version 2.0.1 of the Firebird database in late March 2007.

TippingPoint released the Security Advisory now so that administrators of the affected versions could download and install the latest version. Anyone still working with Version 2.0.0 or earlier should download the update or limit access to the server to trusted computers through a firewall.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit