Vulnerability Name: | CVE-2004-2043 (CCN-16229) | ||||||||
Assigned: | 2004-05-01 | ||||||||
Published: | 2004-05-01 | ||||||||
Updated: | 2017-07-11 | ||||||||
Summary: | Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command. | ||||||||
CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||
CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
| ||||||||
Vulnerability Type: | CWE-Other | ||||||||
Vulnerability Consequences: | Gain Access | ||||||||
References: | Source: FULLDISC Type: UNKNOWN 20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow Source: MITRE Type: CNA CVE-2004-2043 Source: CCN Type: Firebird Web page Firebird - Relational Database for the New Millennium Source: BUGTRAQ Type: UNKNOWN 20040601 Firebird Database Remote Database Name Overflow Source: CCN Type: SA11756 Borland Interbase / Firebird Database Name Buffer Overflow Vulnerability Source: SECUNIA Type: Patch, Vendor Advisory 11756 Source: SECUNIA Type: UNKNOWN 19350 Source: CCN Type: SECTRACK ID: 1010381 InterBase Buffer Overflow in Processing Database Name Lets Remote Users Execute Arbitrary Code Source: SECTRACK Type: UNKNOWN 1010381 Source: DEBIAN Type: UNKNOWN DSA-1014 Source: DEBIAN Type: DSA-1014 firebird2 -- buffer overflow Source: OSVDB Type: Vendor Advisory 6408 Source: OSVDB Type: UNKNOWN 6624 Source: CCN Type: OSVDB ID: 6408 Firebird Database Remote Database Name Overflow DoS Source: CCN Type: OSVDB ID: 6624 Borland Interbase Database Name Overflow Source: CCN Type: SecuriTeam Mailing List, UNIX focus 23 May 2004 Firebird Database Remote Database Name Overflow Source: MISC Type: Exploit, Vendor Advisory http://www.securiteam.com/unixfocus/5AP0P0UCUO.html Source: BID Type: Exploit, Vendor Advisory 10446 Source: CCN Type: BID-10446 Firebird Remote Pre-Authentication Database Name Buffer Overrun Vulnerability Source: XF Type: UNKNOWN firebird-database-name-bo(16229) Source: XF Type: UNKNOWN firebird-database-name-bo(16229) Source: XF Type: UNKNOWN interbase-database-name-bo(16316) | ||||||||
Vulnerable Configuration: | Configuration 1: Configuration CCN 1: ![]() | ||||||||
Oval Definitions | |||||||||
| |||||||||
BACK |