Re: [firebird-support] Vulnerability

2016-09-26 Thread Mark Rotteveel m...@lawinegevaar.nl [firebird-support] 
On 26-9-2016 22:56, Carlos Mazariegos carlosemazarieg...@gmail.com 
[firebird-support] wrote:
> I understand firebird is not equal interbase,
> but the problem is that the Firewall Palo Alto,
> Palo Alto detected the vulnerability with my application, which is built
> with:

It didn't detect the vulnerability, it likely just detected that you 
used the Firebird protocol and matched that with one of the known and 
fixed vulnerabilities. You really need to be more specific, did it say 
which vulnerability it detected (which CVE)?

>   * Java EE 7
>   * Glassfish 4.1
>   * Firebird Superserver 2.5.5.
>
> researching on the internet I found that firebird has had buffer
> overflow vulnerability. My question is:
>
> Firebird presents the vulnerability of "buffer overflow"?

The term "buffer overflow" is very generic, and Firebird has had a few 
in previous versions. As far as I am aware, there are no known 
vulnerabilities in 2.5.5.

You might want to contact the vendor of Firewall Palo Alto to specify 
which vulnerability they detected.

Mark
-- 
Mark Rotteveel

[firebird-support] Is it possible to insert Image via sql stament?

2016-09-26 Thread trsk...@yahoo.com [firebird-support] 
Hi all,
 

 Is it possible to insert image into FB database directly via sql stament using 
isql or flamerobin?
 

 Thanks & regards,
 Anto

[firebird-support] Re: Connecting to Firebird 3.01 with JDBC

2016-09-26 Thread trsk...@yahoo.com [firebird-support] 
Hi all, 

Thanks for all your help, at last, I manage to connect to FB 3.0 via JDBC.

In case someone need to know how, this is steps required :
Legacy Authentication 
http://firebirdsql.org/file/documentation/release_notes/html/en/3_0/rnfb30-compat-legacyauth.html
 
 
 
http://firebirdsql.org/file/documentation/release_notes/html/en/3_0/rnfb30-compat-legacyauth.html
 
 
 Legacy Authentication 
http://firebirdsql.org/file/documentation/release_notes/html/en/3_0/rnfb30-compat-legacyauth.html
 Using a text editor, open firebird.conf and find the entry for the parameter 
UserManager: #UserManager = Srp Delete the “#” symbol an...
 
 
 
 View on firebirdsql.org 
http://firebirdsql.org/file/documentation/release_notes/html/en/3_0/rnfb30-compat-legacyauth.html
 
 Preview by Yahoo

Re: [firebird-support] Firebird Embedded on web hosting

2016-09-26 Thread amigof...@gmail.com [firebird-support] 
yes , from a script that generate this informations on the server :
 

 OS Version : Microsoft Windows NT 6.3.9600.0
Started Time : Win32NT
IIS Version : Microsoft-IIS/8.5

 

 it's a shared web hosting and fb version is Firebird-2.5.4.26856-0_Win32_embed

Re: [firebird-support] Vulnerability

2016-09-26 Thread Carlos Mazariegos carlosemazarieg...@gmail.com [firebird-support] 
Hello,
I understand firebird is not equal interbase,
but the problem is that the Firewall Palo Alto,
Palo Alto detected the vulnerability with my application, which is built
with:

   - Java EE 7
   - Glassfish 4.1
   - Firebird Superserver 2.5.5.

researching on the internet I found that firebird has had buffer overflow
vulnerability. My question is:

Firebird presents the vulnerability of "buffer overflow"?

Thanks for your support.

Regards

El sáb., 24 de sep. de 2016 a la(s) 13:49, Dimitry Sibiryakov
s...@ibphoenix.com [firebird-support] 
escribió:

> 24.09.2016 18:53, carlosemazarieg...@gmail.com [firebird-support] wrote:
> > I have problems with firebird Vulnerability, Palo Alto reports the
> following error:
> >
> > Borland Interbase Database Message Handling Bufer Overflow Vulnerability.
>
>Interbase is not Firebird. Firebird is not Interbase.
>
>
> --
>WBR, SD.
>
>
> 
>
> 
>
> ++
>
> Visit http://www.firebirdsql.org and click the Documentation item
> on the main (top) menu.  Try FAQ and other links from the left-side menu
> there.
>
> Also search the knowledgebases at
> http://www.ibphoenix.com/resources/documents/
>
> ++
> 
>
> Yahoo Groups Links
>
>
>
> --
Carlos Mazariegos