Hello
Just to get more information and details.
Yesterday, while scanning my Firebird server for vulnerabilities with Kaspersky Internet Security 2026, here is the result I got:
My question is:
Denial of service vulnerability in FireBird
Kaspersky Lab ID
KLA10741
CVSS
4.0
Severity
Warning
Detect Date
January 13, 2016
Description
Improper commands usage at RDBMS was found in FireBird. By exploiting this vulnerability malicious users can cause denial of service. This vulnerability can be exploited remotely via vectors related to gbak utility.
Technical details
This vulnerability related to unhandled case exception at burp.cpp. This vulnerability can be exploited by remote authenticated user via a specially designed gbak command with typo.
Affected products
Firebird version 2.5.5
Solution
Since vulnerability was introduced at 2.5.5 version you can downgrade to earlier versions or wait for update to next version which isn't released right now
FireBird download page
Original advisories
Openwall advisory
Openwall advisory
FireBird advisory
Impacts
DoS
CVE-IDs
CVE-2016-1569
Is it a false positive?
Is it a known flaw that has already been patched?
What should be done?
Thank you all