CVE-2017-11509

Name: CVE-2017-11509
Description: An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.
Source: CVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, Mageia, GitHub code/issues, web search, more)
References: DLA-1374-1
NVD severity: high (attack range: remote)

Vulnerable and fixed packages

The table below lists information on source packages.

| Source Package | Release | Version | Status |
|---|---|---|---|
| firebird2.5 (PTS) | jessie (security), jessie | 2.5.3.26778.ds4-5+deb8u1 | vulnerable |
| firebird3.0 (PTS) | stretch | 3.0.1.32609.ds4-14 | vulnerable |
| firebird3.0 (PTS) | buster, sid | 3.0.3.32900.ds4-4 | fixed |

The information below is based on the following data on fixed versions.

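| Package | Type | Release | Fixed Version | Urgency | Origin | Debian Bugs |
|---|---|---|---|---|---|---|
| firebird2.5 | source | (unstable) | (unfixed) | high | | |
| firebird2.5 | source | wheezy | 2.5.2.26540.ds4-1~deb7u4 | high | DLA-1374-1 | |
| firebird3.0 | source | (unstable) | 3.0.3.32900.ds4-3 | high | | |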

Notes

[stretch] - firebird3.0 <postponed> (Minor issue, can be fixed along in a future update)
[jessie] - firebird2.5 <no-dsa> (Minor issue, can be fixed along in a future update)
https://www.tenable.com/security/research/tra-2017-36
Firebird upstream responded to Tenable that the issue is not intended to be addressed
in "any current release".
Issue addressed by disabling UDFs in firebird.conf; this is not a source code fix,
and might actually be considered more of a mitigation.
Steps to reproduce (partly) in: https://lists.debian.org/874lk9wyz5.fsf@curie.anarc.at
