CVE-2016-1569

MEDIUM

FireBird 2.5.5 - DoS

Title source: llm

Description

FireBird 2.5.5 allows remote authenticated users to cause a denial of service (daemon crash) by using service manager to invoke the gbak utility with an invalid parameter.

References (5)

[Product] http://sourceforge.net/p/firebird/code/62783/

[Various Sources] http://tracker.firebirdsql.org/browse/CORE-5068

[Exploit] http://www.openwall.com/lists/oss-security/2016/01/10/3

[Mailing List, Third Party Advisory] http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177119.html

[Mailing List] http://www.openwall.com/lists/oss-security/2016/01/10/2

Scores

CVSS v3 6.5

EPSS 0.0076

EPSS Percentile 73.0%

Attack Vector NETWORK

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Classification

CWE

CWE-20

Status draft

Affected Products (1)

firebirdsql/firebird

Timeline

Published Jan 13, 2016

Tracked Since Feb 18, 2026