CVE-2017-11509

Name	CVE-2017-11509
Description	An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
References	DLA-1374-1, DLA-2129-1, DLA-2824-1

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
firebird3.0 (PTS)	buster	3.0.5.33100.ds4-2	fixed
	bullseye	3.0.7.33374.ds4-2	fixed
	bookworm	3.0.11.33637.ds4-2	fixed
	sid, trixie	3.0.11.33703.ds4-3	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version	Origin
firebird2.5	source	wheezy	2.5.2.26540.ds4-1~deb7u4	DLA-1374-1
firebird2.5	source	jessie	2.5.3.26778.ds4-5+deb8u2	DLA-2129-1
firebird2.5	source	(unstable)	(unfixed)
firebird3.0	source	stretch	3.0.1.32609.ds4-14+deb9u1	DLA-2824-1
firebird3.0	source	(unstable)	3.0.3.32900.ds4-3

Notes

https://www.tenable.com/security/research/tra-2017-36
https://github.com/FirebirdSQL/firebird/issues/5787
Firebird upstream responded to Tenable the issue is not intended to be addressed
in "any current release".
Issue adressed by disabling UDFs in firebird.conf, this is not a source code fix,
and might actually be considered more of just a mitigation.
Steps to reproduce (partly) in: https://lists.debian.org/874lk9wyz5.fsf@curie.anarc.at