CVE-2007-4666

Unspecified vulnerability in the server in Firebird before 2.0.2, when a Superserver/TCP/IP environment is configured, allows remote attackers to cause a denial of service (CPU and memory consumption) via "large network packets with garbage", aka CORE-1397.

Published: Sep 5, 2007
Updated: Apr 13, 2023
CVE: CVE-2007-4666
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

CWEs:

CWE-119

Affected Software
References

Software	From	Fixed in
firebirdsql / firebird	-	2.0.1.x

http://secunia.com/advisories/26615
http://secunia.com/advisories/29501
http://sourceforge.net/project/shownotes.php?release_id=535898
http://tracker.firebirdsql.org/browse/CORE-1397
http://www.debian.org/security/2008/dsa-1529
http://www.firebirdsql.org/index.php?op=files&id=engine_202
http://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf
http://www.securityfocus.com/bid/25497
http://www.vupen.com/english/advisories/2007/3021
https://exchange.xforce.ibmcloud.com/vulnerabilities/36355

Vulnerability Database

289,697

CVE-2007-4666