Secunia Logo
Netsikker nu! 2008
 
Debian firebird2 Multiple Vulnerabilities
Secunia Advisory: SA29501
Release Date: 2008-03-27
Popularity: 3,772 views

Critical:
Moderately critical
Impact: Unknown
Exposure of sensitive information
DoS
System access
Where: From local network
Solution Status: Unpatched

OS:Debian GNU/Linux 3.1
Debian GNU/Linux 4.0

Subscribe: Instant alerts on relevant vulnerabilities

CVE reference:CVE-2008-0387
CVE-2008-0467
CVE-2006-7211
CVE-2007-4664
CVE-2007-4665
CVE-2007-4666
CVE-2007-4667
CVE-2007-4668
CVE-2007-4669
CVE-2007-3527
CVE-2007-3181
CVE-2007-2606
CVE-2006-7212
CVE-2006-7213
CVE-2006-7214


Description:
Debian has acknowledged some vulnerabilities in firebird2, where some have unknown impact and others can be exploited by malicious users to disclose potentially sensitive information or to cause a DoS (Denial of Service) and by malicious people to cause a DoS or potentially to compromise a vulnerable system.

For more information:
SA25601
SA26615
SA28596

Solution:
Debian recommends to upgrade to the firebird2.0 packages available at:
http://www.backports.org/backports.org/pool/main/f/firebird2.0/

Security support for Firebird 1.5 (firebird2) in Debian has been discontinued. Please see the Debian advisory for details.

Original Advisory:
http://lists.debian.org/debian-security-announce/2008/msg00098.html

Other References:
SA25601:
http://secunia.com/advisories/25601/

SA26615:
http://secunia.com/advisories/26615/

SA28596:
http://secunia.com/advisories/28596/


Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released.

Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.

Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
  
Latest Advisories

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.

Ideas, suggestions, and other feedback are most welcome.

Most Popular - 3 Hours

1. Subdreamer Light Global Variables SQL Injection Vulnerability // 33 views
2. Trend Micro ServerProtect Multiple Buffer Overflow Vulnerabilities // 31 views
3. Sun Java System Web Proxy Server FTP Subsystem Buffer Overflow // 25 views
4. CA ARCserve Backup Multiple Vulnerabilities // 25 views
5. PluggedOut Blog "index.php" SQL Injection Vulnerabilities // 24 views
6. Apple Mac OS X Security Update Fixes Multiple Vulnerabilities // 23 views
7. Journalness "last_module" PHP Code Execution // 20 views
8. Gentoo Portage Insecure Python Module Search Path Security Issue // 19 views
9. PHP Real Estate Classifieds "id" SQL Injection // 19 views
10. Built2go Real Estate Listings "event_id" SQL Injection // 18 views