RSS   Vulnerabilities for 'Firebird'   RSS

2014-12-16
 
CVE-2014-9323

CWE-Other
 

 
The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer dereference, segmentation fault, and crash) via an op_response action with a non-empty status.

 
2008-05-12
 
CVE-2008-1880

CWE-255
 

 
The default configuration of Firebird before 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote attackers to bypass SYSDBA authentication and obtain sensitive database information via an empty password.

 


Copyright 2024, cxsecurity.com

 

Back to Top