-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [Cc-ed to the bug for reference]
Remco Seesink wrote: > Isn't the stable version of firebird affected by this bug? > Then there should be an DSA. I wrote to [EMAIL PROTECTED] and the conclusion is that these buffer overflows are not security threat since there are no SxID binaries. My argument was that IF local admin made something SxID then he is vulnerable, explaining when and why SGID fb_lock_manager was necessary. Martin Schulze replied that if we're supposed to save local sysadmin from himself, then we should remove 'rm' and 'mkfs' from the system too :) Given this and the fact that there are no SxID binaries in the default install (sarge/etch/sid), we decided update of stable is unnecessary. Looking once more on http://www.securityfocus.com/archive/1/427480, where the patches are, buffer overrun in fbserver/fb_inet_server may happen if: - - fbserver/fb_inet_server is started with specially crafted command line parameters. since there is no way to control this for the installed init.d scripty or [x]inetd config (except for root), this is not exploitable neither locally, nor remotely. - - special crafted TEMP_DIR environment variabble. Same case as above. Not modifyable, except by root, and thus not exploitable. I guess the 'security' tag is not necessary anymore (I put it just as a warning), but since the bug is closed, BTW, looking at some automated code autiding results (can't find the url) for firebird, I am very glad that there are no SxID binaries there. Firebird code is like spaghetti, ganished with swiss cheese :) Oh, wait! There is a remotelly reproducible crash with 1.5.2, as demonstrated in http://sourceforge.net/mailarchive/forum.php?thread_id=9954078&forum_id=6330 I've just crashed my 1.5.2 superserver (on amd64 that is). Alright, another bugreport is on its way, this time for real... - -- Damyan Ivanov Creditreform Bulgaria [EMAIL PROTECTED] http://www.creditreform.bg/ phone: +359(2)928-2611, 929-3993 fax: +359(2)920-0994 mob. +359(88)856-6067 [EMAIL PROTECTED]/Gaim -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org iD8DBQFEG8x7Hqjlqpcl9jsRAvwYAKCzm7HZcTOI3U6weMc78bcwbuwZ5ACgtucY eXgMtYGRkRfADSGNTmtNN9I= =SWCE -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
