Debian Bug report logs - #444976
CVE-2007-2606: Multiple buffer overflows

Package: firebird2.0; Maintainer for firebird2.0 is (unknown);

Reported by: Steffen Joeris <steffen.joeris@skolelinux.de>

Date: Tue, 2 Oct 2007 12:30:02 UTC

Severity: important

Done: Damyan Ivanov <dam@modsoftsys.com>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Firebird Group <pkg-firebird-general@lists.alioth.debian.org>:
Bug#444976; Package firebird2.0. Full text and rfc822 format available.

Acknowledgement sent to Steffen Joeris <steffen.joeris@skolelinux.de>:
New Bug report received and forwarded. Copy sent to Debian Firebird Group <pkg-firebird-general@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Steffen Joeris <steffen.joeris@skolelinux.de>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: CVE-2007-2606: Multiple buffer overflows
Date: Tue, 02 Oct 2007 22:34:08 +1000
Package: firebird2.0
Severity: important

Hi

There is another CVE[0] issued for firebird2.0.
I am not sure, if that is covered with the new upstream release. Could
you maybe comment on that?

CVE-2007-2606:

Multiple buffer overflows in Firebird 2.1 allow attackers to trigger
memory corruption and possibly have other unspecified impact via certain
input processed by (1) config\ConfigFile.cpp or (2) msgs\check_msgs.epp.
NOTE: if ConfigFile.cpp reads a configuration file with restrictive
permissions, then the ConfigFile.cpp vector may not cross privilege
boundaries and perhaps should not be included in CVE. 
  
Thanks for your efforts

Cheers
Steffen

[0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2606




Reply sent to Damyan Ivanov <dam@modsoftsys.com>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Steffen Joeris <steffen.joeris@skolelinux.de>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #10 received at 444976-done@bugs.debian.org (full text, mbox):

From: Damyan Ivanov <dam@modsoftsys.com>
To: Steffen Joeris <steffen.joeris@skolelinux.de>
Cc: 444976-done@bugs.debian.org
Subject: Re: Bug#444976: firebrid2.0: CVE-2007-2606: Multiple buffer overflows
Date: Tue, 2 Oct 2007 17:23:37 +0300
[Message part 1 (text/plain, inline)]
-=| Steffen Joeris, Tue, Oct 02, 2007 at 10:34:08PM +1000 |=-
> There is another CVE[0] issued for firebird2.0.
> 
> CVE-2007-2606:
> 
> Multiple buffer overflows in Firebird 2.1 allow attackers to trigger
> memory corruption and possibly have other unspecified impact via certain
> input processed by (1) config\ConfigFile.cpp or (2) msgs\check_msgs.epp.
> NOTE: if ConfigFile.cpp reads a configuration file with restrictive
> permissions, then the ConfigFile.cpp vector may not cross privilege
> boundaries and perhaps should not be included in CVE.

> [0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2606

I asked upstream and the conclusion is that there is nothing to worry
about, because:

o 2.0.3 (the version in sid/lenny) is not vulnerable. Even if it were,
  no big worry, since

o The ConfigFile.cpp problems required that root-owned (0644) files are
  crafted

o msgs/check_msgs.epp is used only during the build process to create
  the message database

So I am happily closing the bug :)

Thank you Steffen for watching the bulletins!
-- 
dam            JabberID: dam@jabber.minus273.org
[signature.asc (application/pgp-signature, inline)]

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 31 Oct 2007 07:29:20 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Apr 23 19:02:29 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.