MGASA-2013-0102
| Date: | April 2nd, 2013 |
| Affected releases: | 2 |
| Media: | Core |
Description:
The FirebirdSQL server is vulnerable to a stack buffer overflow that can be
triggered when an unauthenticated user sends a specially crafted packet.
The result can lead to remote code execution as the user which runs the
FirebirdSQL server. (CVE-2013-2492)
Updated Packages:
i586:
firebird-2.5.2.26539-2.mga2.i586.rpm
firebird-classic-2.5.2.26539-2.mga2.i586.rpm
firebird-devel-2.5.2.26539-2.mga2.i586.rpm
firebird-server-classic-2.5.2.26539-2.mga2.i586.rpm
firebird-server-common-2.5.2.26539-2.mga2.i586.rpm
firebird-server-superserver-2.5.2.26539-2.mga2.i586.rpm
firebird-superclassic-2.5.2.26539-2.mga2.i586.rpm
firebird-superserver-2.5.2.26539-2.mga2.i586.rpm
firebird-utils-classic-2.5.2.26539-2.mga2.i586.rpm
firebird-utils-common-2.5.2.26539-2.mga2.i586.rpm
firebird-utils-superserver-2.5.2.26539-2.mga2.i586.rpm
libfbclient2-2.5.2.26539-2.mga2.i586.rpm
libfbembed2-2.5.2.26539-2.mga2.i586.rpm
firebird-debug-2.5.2.26539-2.mga2.i586.rpm
x86_64:
firebird-2.5.2.26539-2.mga2.x86_64.rpm
firebird-classic-2.5.2.26539-2.mga2.x86_64.rpm
firebird-devel-2.5.2.26539-2.mga2.x86_64.rpm
firebird-server-classic-2.5.2.26539-2.mga2.x86_64.rpm
firebird-server-common-2.5.2.26539-2.mga2.x86_64.rpm
firebird-server-superserver-2.5.2.26539-2.mga2.x86_64.rpm
firebird-superclassic-2.5.2.26539-2.mga2.x86_64.rpm
firebird-superserver-2.5.2.26539-2.mga2.x86_64.rpm
firebird-utils-classic-2.5.2.26539-2.mga2.x86_64.rpm
firebird-utils-common-2.5.2.26539-2.mga2.x86_64.rpm
firebird-utils-superserver-2.5.2.26539-2.mga2.x86_64.rpm
lib64fbclient2-2.5.2.26539-2.mga2.x86_64.rpm
lib64fbembed2-2.5.2.26539-2.mga2.x86_64.rpm
firebird-debug-2.5.2.26539-2.mga2.x86_64.rpm
SRPMS:
firebird-2.5.2.26539-2.mga2.src.rpm
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2492
http://www.debian.org/security/2013/dsa-2648
http://tracker.firebirdsql.org/browse/CORE-4058
https://bugs.mageia.org/show_bug.cgi?id=9322
