Debian DSA-1529-1 : firebird -- multiple vulnerabilities

critical Nessus Plugin ID 38955

Synopsis

The remote Debian host is missing a security-related update.

Description

Multiple security problems have been discovered in the Firebird database, which may lead to the execution of arbitrary code or denial of service.

This Debian security advisory is a bit unusual. While it's normally our strict policy to backport security bugfixes to older releases, this turned out to be infeasible for Firebird 1.5 due to large infrastructural changes necessary to fix these issues. As a consequence security support for Firebird 1.5 is hereby discontinued.

Solution

Upgrade to the firebird2.0 packages available at backports.org. Version 2.0.3.12981.ds1-6~bpo40+1 fixes all known issues.

See Also

http://www.debian.org/security/2008/dsa-1529

Plugin Details

Severity: Critical

ID: 38955

File Name: debian_DSA-1529.nasl

Version: 1.15

Type: local

Agent: unix

Published: 3/28/2008

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: Critical

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Information

CPE: cpe:/o:debian:debian_linux

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 3/24/2008

Exploitable With

Core Impact

Reference Information

CVE: CVE-2006-7211, CVE-2006-7212, CVE-2006-7213, CVE-2006-7214, CVE-2007-2606, CVE-2007-3181, CVE-2007-3527, CVE-2007-4664, CVE-2007-4665, CVE-2007-4666, CVE-2007-4667, CVE-2007-4668, CVE-2007-4669, CVE-2008-0387, CVE-2008-0467

CWE: 119, 189, 20, 200, 264

DSA: 1529