CVE-2008-0387

Firebird < 1.0.3, 1.5.x < 1.5.6, 2.0.x < 2.0.4, 2.1.x < 2.1.0 RC1 - Remote Code Execution via Crafted XDR Requests

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0387. PoCs published by Damian Frizza.

AI-analyzed exploit summary: This exploit targets an integer overflow vulnerability in Firebird SQL, allowing remote attackers to execute arbitrary code via crafted XDR requests. The PoC sends a malformed packet to trigger memory corruption.

Description

Integer overflow in Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1 might allow remote attackers to execute arbitrary code via crafted (1) op_receive, (2) op_start, (3) op_start_and_receive, (4) op_send, (5) op_start_and_send, and (6) op_start_send_and_receive XDR requests, which triggers memory corruption.

Exploits (1)

exploitdb WORKING POC VERIFIED
by Damian Frizza · php · remote · multiple
https://www.exploit-db.com/exploits/31050

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: Firebird SQL 1.0.3 and earlier, 1.5.x before 1.5.6, 2.0.x before 2.0.4, and 2.1.x before 2.1.0 RC1
No auth needed
Prerequisites: Network access to the Firebird SQL server on port 3050
devstral-2 · analyzed Feb 16, 2026

References (11)

Core References
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200803-02.xml
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29203
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/39996
Third Party Advisory x_refsource_misc
http://www.coresecurity.com/?action=item&id=2095
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/487173/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/29501
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3580
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/27403
Vendor Advisory x_refsource_confirm
http://tracker.firebirdsql.org/browse/CORE-1681
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2008/dsa-1529

Scores

EPSS 0.4587
EPSS Percentile 98.6%

Details

CWE: CWE-189
Status: published
Products (2):
firebirdsql/firebird 2.1.0
firebirdsql/firebird < 1.0.3
Published: Jan 29, 2008
Tracked Since: Feb 18, 2026