ports/52395: databases/firebird* vulnerabilities
Lars Thegler
lars at thegler.dk
Sun May 18 15:40:16 UTC 2003
>Number: 52395
>Category: ports
>Synopsis: databases/firebird* vulnerabilities
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-ports-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: change-request
>Submitter-Id: current-users
>Arrival-Date: Sun May 18 08:40:13 PDT 2003
>Closed-Date:
>Last-Modified:
>Originator: Lars Thegler
>Release: FreeBSD 4.7-STABLE i386
>Organization:
>Environment:
System: FreeBSD dask.thegler.dk 4.7-STABLE FreeBSD 4.7-STABLE #8: Sun Feb 9 10:50:10 CET 2003 root at dask.thegler.dk:/usr/obj/usr/src/sys/GENERIC i386
>Description:
According to http://packetstormsecurity.nl/0305-exploits/dsr-adv001.txt,
databases/firebird (version 1.0.2.908) and databases/firebird-devel
(1.0.0-RC2) both suffer from locally exploitable stack overflows.
>How-To-Repeat:
>Fix:
Mark both ports
FORBIDDEN= Local Stack Overflow, see http://packetstormsecurity.nl/0305-exploits/dsr-adv001.txt
>Release-Note:
>Audit-Trail:
>Unformatted:
More information about the freebsd-ports-bugs
mailing list