Test Kennung:	1.3.6.1.4.1.25623.1.0.803185
Kategorie:	Buffer overflow
Titel:	Firebird Relational Database CNCT Group Number Buffer Overflow Vulnerability - Windows, Active Check
Zusammenfassung:	Firebird server is prone to a buffer overflow vulnerability.
Beschreibung:	Summary: Firebird server is prone to a buffer overflow vulnerability. Vulnerability Insight: The flaw exists with a group number extracted from the CNCT information, which is sent by the client and whose size is not properly checked. Vulnerability Impact: Successful exploitation will allow remote attackers to cause denial of service condition. Affected Software/OS: Firebird Server version 2.1.3 to 2.1.5 before 18514 and 2.5.1 to 2.5.3 before 26623. Solution: Update to version 2.1.5 Update 1, 2.5.2 Update 1, 2.5.3, 2.1.6 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-2492 BugTraq ID: 58393 http://www.securityfocus.com/bid/58393 Debian Security Information: DSA-2647 (Google Search) http://www.debian.org/security/2013/dsa-2647 Debian Security Information: DSA-2648 (Google Search) http://www.debian.org/security/2013/dsa-2648 https://security.gentoo.org/glsa/201512-11 https://gist.github.com/zeroSteiner/85daef257831d904479c https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/fb_cnct_group.rb SuSE Security Announcement: openSUSE-SU-2013:0496 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00036.html SuSE Security Announcement: openSUSE-SU-2013:0504 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2013-03/msg00039.html
Copyright	Copyright (C) 2013 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.