oss-sec mailing list archives

Re: CVE Request -- firebird: DoS (NULL pointer dereference) while preparing an empty query with trace enabled


From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 14 Nov 2012 10:24:08 -0700

On 11/14/2012 08:28 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
>
> a denial of service flaw was found in the way the TraceManager of
> Firebird, a SQL relational database management system, performed
> preparation of an empty dynamic SQL query. When the trace mode was
> enabled, a remote, authenticated database user could use this flaw
> to cause the Firebird server to crash with a NULL pointer
> dereference.
>
> References:
> [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693210
> [2] http://tracker.firebirdsql.org/browse/CORE-3884
> [3] https://bugzilla.redhat.com/show_bug.cgi?id=876613
>
> Relevant upstream patch:
> [4] http://firebird.svn.sourceforge.net/viewvc/firebird?pathrev=54702&revision=54702&view=revision
>
> Could you allocate a CVE id for this?
>
> Thank you && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Response Team

Please use CVE-2012-5529 for this issue.



-- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

