Issue Details (XML | Word | Printable)

Key: CORE-1681
Type: Bug Bug
Status: Closed Closed
Resolution: Fixed
Priority: Critical Critical
Assignee: Dmitry Yemanov
Reporter: Dmitry Yemanov
Votes: 0
Watchers: 1
Operations

If you were logged in you would be able to see more operations.
Firebird Core

Garbage data in the incoming remote packet may crash the server

Created: 09/Jan/08 04:30 AM   Updated: 18/Nov/08 01:12 PM
Return to search
Component/s: None
Affects Version/s: 1.0.3, 2.0.0, 1.5.4, 2.0.1, 2.0.2, 2.0.3, 2.1 Beta 2, 1.5.5
Fix Version/s: 2.1 RC1, 2.0.4, 1.5.6

Time Tracking:
Not Specified

Environment: ANY


 Description  « Hide
If some kinds of remote packets contain wrong (garbage) data, it may cause an invalid memory access inside the server, forcing a crash. Reported by Core Security Labs, the disclosure is published here: http://www.coresecurity.com/?action=item&id=2095

 All   Comments   Work Log   Change History   Version Control   FishEye      Sort Order: Ascending order - Click to sort in descending order
Dmitry Yemanov made changes - 09/Jan/08 05:10 AM
Field Original Value New Value
Fix Version/s 2.0.4 [ 10211 ]
Fix Version/s 1.5.6 [ 10225 ]
Dmitry Yemanov committed 2 files to 'Firebird' on branch 'B2_0_Release' - 09/Jan/08 09:44 AM
Fixed CORE-1681.
MODIFY src/remote/protocol.cpp   Rev. 1.52.2.5    (+3 -3 lines)
MODIFY src/remote/server.cpp   Rev. 1.126.2.9    (+4 -2 lines)
B2_0_Release:dimitr:20080109094434 by  Dmitry Yemanov (2 files)
09/Jan/08 09:44 AM (24 months, 18 days ago)
Dmitry Yemanov committed 2 files to 'Firebird' on branch 'B1_5_Release' - 09/Jan/08 09:53 AM
Fixed CORE-1681. Includes backporting of some array bound checks from v2.x.
MODIFY src/remote/server.cpp   Rev. 1.34.2.5    (+4 -2 lines)
MODIFY src/remote/protocol.cpp   Rev. 1.26.2.2    (+11 -0 lines)
B1_5_Release:dimitr:20080109095300 by  Dmitry Yemanov (2 files)
09/Jan/08 09:53 AM (24 months, 17 days ago)
Fixed CORE-1681. Includes backporting of some array bound checks from v2.x.
firebird2/src/remote/protocol.cpp 1.26.2.2 history download (+11 -0) diffs
firebird2/src/remote/server.cpp 1.34.2.5 history download (+4 -2) diffs

Dmitry Yemanov committed 2 files to 'Firebird' - 09/Jan/08 10:20 AM
Fixed CORE-1681.
MODIFY src/remote/server.cpp   Rev. 1.158    (+4 -2 lines)
MODIFY src/remote/protocol.cpp   Rev. 1.61    (+5 -1 lines)
MAIN:dimitr:20080109102057 by  Dmitry Yemanov (2 files)
09/Jan/08 10:20 AM (24 months, 17 days ago)
Dmitry Yemanov made changes - 10/Jan/08 01:30 AM
Fix Version/s 2.1 RC1 [ 10201 ]
Resolution Fixed [ 1 ]
Status Open [ 1 ] Resolved [ 5 ]
Dmitry Yemanov made changes - 10/Jan/08 01:33 AM
Description If some kinds of remote packets contain wrong (garbage) data, it may cause an invalid memory access inside the server, forcing a crash. If some kinds of remote packets contain wrong (garbage) data, it may cause an invalid memory access inside the server, forcing a crash. Reported by Core Security Labs.
Dmitry Yemanov made changes - 10/Jan/08 01:35 AM
Attachment CORE-2007-1219-firebird-advisory.pdf [ 10742 ]
Dmitry Yemanov made changes - 10/Jan/08 01:41 AM
Attachment CORE-2007-1219-firebird-advisory.pdf [ 10742 ]
Dmitry Yemanov made changes - 28/Jan/08 12:51 PM
Description If some kinds of remote packets contain wrong (garbage) data, it may cause an invalid memory access inside the server, forcing a crash. Reported by Core Security Labs. If some kinds of remote packets contain wrong (garbage) data, it may cause an invalid memory access inside the server, forcing a crash. Reported by Core Security Labs, the disclosure is published here: http://www.coresecurity.com/?action=item&id=2095
Pavel Cisar made changes - 28/Jan/08 01:17 PM
Workflow jira [ 13806 ] Firebird [ 14118 ]
Pavel Cisar made changes - 29/May/08 05:03 PM
Comment [ http://charlesswartz.org http://usceclub.org http://rustudentrally.com http://intheseplaces.com http://tlak.org http://pack3786.org http://ishere4u.com http://win-shops.com http://f5solution.com http://leavealegacy-lancaster.org http://consideryoursource.com http://robertprather.us http://meetmeatthefountain.com http://gymnasticsdivine.org http://rubicondevelopments.com http://www.tableta.org http://refusetohide.com http://buy-prozac.us
]
Pavel Cisar made changes - 18/Nov/08 01:12 PM
Status Resolved [ 5 ] Closed [ 6 ]

Powered by a free Atlassian JIRA open source license for Firebird (RDBMS). Try JIRA - bug tracking software for your team.
Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13.5-#360) - Bug/feature request - Atlassian news - Contact Administrators