Summary
A buffer overflow was discovered in the Firebird database server, which could result in the execution of arbitrary code.
Solution
For the stable distribution (squeeze), this problem has been fixed in version 2.1.3.18185-0.ds1-11+squeeze1.
For the testing distribution (wheezy), firebird2.1 will be removed in favour of firebird2.5.
For the unstable distribution (sid), firebird2.1 will be removed in favour of firebird2.5.
We recommend that you upgrade your firebird2.1 packages.
Insight
Firebird is a relational database offering many ANSI SQL-99 features that runs on Linux, Windows, and a variety of Unix platforms. Firebird offers excellent concurrency, high performance, and powerful language support for stored procedures and triggers.
Affected
firebird2.1 on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2013-2492 -
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P
Related Vulnerabilities