Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Gentoo: 200805-06 Normal Severity: Firebird Administrative Access Issue

gentoo
Calendar Grey May 9, 2008
Dist Gentoo Esm H88
Gentoo GLSA 202110-10 discusses vulnerabilities in the MySQL server that permits potential local privilege escalation.
Firebird allows remote connections to the administrative account without verifying credentials.

Summary

Gentoo Linux Security Advisory GLSA 200805-06 https://security.gentoo.org/ Severity: Normal Title: Firebird: Data disclosure Date: May 09, 2008 Bugs: #216158 ID: 200805-06

Synopsis ======= Firebird allows remote connections to the administrative account without verifying credentials.
Background ========= Firebird is a multi-platform, open source relational database.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 dev-db/firebird < 2.0.3.12981.0-r6 >= 2.0.3.12981.0-r6
========== Viesturs reported that the default configuration for Gentoo's init script ("/etc/conf.d/firebird") sets the "ISC_PASSWORD" environment variable when starting Firebird. It will be used when no passwor...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory Gentoo remote access administrative access normal severity data disclosure Firebird

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory Gentoo remote access administrative access normal severity data disclosure Firebird

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here