From: Alex P. <pes...@ma...> - 2007-05-14 08:54:03
On Monday 14 May 2007 02:10, Adriano dos Santos Fernandes wrote:
> Vlad Horsun wrote:
> > Look at http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-2606
> >
> > They found "many BOF's in config\ConfigFile.cpp and in
> > msgs\check_msgs.epp"
> >
> > First file used by INTL module to parse fbintl.conf at first
> > attachment made after server start. It was taken from Vulcan - it is all
> > I can say about it ;)
> >
> > I don't think it can be used to attack Firebird but code must be
> > corrected, imho
>
> I don't see the BO reading the alert and the code.

for example:

JString ConfigFile::expand(JString rawString)
{
    char temp [1024];

And nobody checks for temp overflow later.
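
Added example, not part of the message above and not Firebird or Vulcan code: a sketch of an expander that keeps the fixed `char temp[1024]` from the quoted declaration but checks every write against the buffer size. The `$(name)` reference syntax, the function name `expand_checked` and the lookup map are assumptions made for illustration.

```cpp
// Added example, not Firebird or Vulcan code. The $(name) syntax, the
// function name and the lookup table are assumptions for illustration.
#include <cstddef>
#include <cstring>
#include <map>
#include <string>

// Expands $(name) references into a fixed 1024-byte buffer, as in the quoted
// declaration, but refuses any input whose expansion would not fit.
bool expand_checked(const std::string& raw,
                    const std::map<std::string, std::string>& vars,
                    std::string& out)
{
    char temp[1024];
    std::size_t used = 0;
    const std::size_t limit = sizeof(temp) - 1;   // keep room for the NUL

    // Append n bytes only if they fit: the overflow check on temp.
    auto append = [&](const char* src, std::size_t n) {
        if (n > limit - used)
            return false;
        std::memcpy(temp + used, src, n);
        used += n;
        return true;
    };

    for (std::size_t i = 0; i < raw.size();) {
        if (raw.compare(i, 2, "$(") == 0) {
            std::size_t close = raw.find(')', i + 2);
            if (close == std::string::npos)
                return false;                      // unterminated reference
            auto it = vars.find(raw.substr(i + 2, close - i - 2));
            if (it == vars.end() || !append(it->second.data(), it->second.size()))
                return false;                      // unknown name or overflow
            i = close + 1;
        } else {
            if (!append(&raw[i], 1))
                return false;                      // literal text alone is too long
            ++i;
        }
    }
    temp[used] = '\0';
    out.assign(temp, used);
    return true;
}
```

The caller gets a failure return instead of a write past the end of `temp`, and `out` is left untouched when expansion is rejected.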