Metasploit mailing list archives
Re: Exploit module in metasploit
From: Ramon de Carvalho Valle <ramon () metasploit com>
Date: Sun, 18 Apr 2010 22:19:19 -0300
The modules for InterBase only work for versions of InterBase, not Firebird. I have not developed a module for CVE-2007-3181; however, the modules for CVE-2007-5243 include the versions of Firebird vulnerable to CVE-2007-3181 and probably can be used. The following is the list of modules:

modules/exploit/windows/misc/fb_isc_attach_database
modules/exploit/windows/misc/fb_isc_create_database
modules/exploit/windows/misc/fb_svc_attach

-Ramon

Joshua Drake wrote:
From my memory, many of the vulnerabilities reported in InterBase were due to a bundled version of Firebird. In those cases, the modules should be for Firebird and simply reference InterBase as having bundled it.

Additionally, we should check whether we need to develop an exploit for CVE-2007-3181 or if one of the other existing modules covers that case.

On 04/16/2010 01:29 PM, Joshua J. Drake wrote:
On Fri, Apr 16, 2010 at 11:23:08AM -0300, David Guimaraes wrote:

I wonder if there is any module (or intend to make) in metasploit that exploits CVE-2007-3181 (Vulnerability in Firebird/Interbase). This vulnerability is a buffer overflow in Firebird SQL 2 (fbserver.exe) that allows remote attackers to execute arbitrary code. Despite being an old vulnerability (2007), in an old version (firebird < 2.0.1), there are still many unpatched machines. In a scanning pentest conducted in an organization through Nessus, I was able to locate several machines that have this vulnerability, however, I could not find any exploits. Any help is welcome. Thank you.

David,

That CVE (2007-3181) is not currently on the TODO list. However, you may want to investigate the various InterBase modules, including http://www.metasploit.com/modules/exploit/linux/misc/ib_inet_connect ..

From memory, those vulnerabilities in InterBase were due to a bundled version of the Firebird Database. I filed a ticket in the MSF Redmine to track clarifying etc. It is ticket #1706.

_______________________________________________
https://mail.metasploit.com/mailman/listinfo/framework