Monday, 26 September 2016

Re: [firebird-support] Vulnerability

 

On 26-9-2016 22:56, Carlos Mazariegos carlosemazariegosa@gmail.com
[firebird-support] wrote:
> I understand firebird is not equal interbase,
> but the problem is that the Firewall Palo Alto,
> Palo Alto detected the vulnerability with my application, which is built
> with:

It didn't detect the vulnerability, it likely just detected that you
used the Firebird protocol and matched that with one of the known and
fixed vulnerabilities. You really need to be more specific, did it say
which vulnerability it detected (which CVE)?

> * Java EE 7
> * Glassfish 4.1
> * Firebird Superserver 2.5.5.
>
> researching on the internet I found that firebird has had buffer
> overflow vulnerability. My question is:
>
> Firebird presents the vulnerability of "buffer overflow"?

The term "buffer overflow" is very generic, and Firebird has had a few
in previous versions. As far as I am aware, there are no known
vulnerabilities in 2.5.5.

You might want to contact the vendor of Firewall Palo Alto to specify
which vulnerability they detected.

Mark
--
Mark Rotteveel

__._,_.___
Posted by: Mark Rotteveel <mark@lawinegevaar.nl>
Reply via web post Reply to sender Reply to group Start a New Topic Messages in this topic (4)
Have you tried the highest rated email app?
With 4.5 stars in iTunes, the Yahoo Mail app is the highest rated email app on the market. What are you waiting for? Now you can access all your inboxes (Gmail, Outlook, AOL and more) in one place. Never delete an email again with 1000GB of free cloud storage.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Visit http://www.firebirdsql.org and click the Documentation item
on the main (top) menu.  Try FAQ and other links from the left-side menu there.

Also search the knowledgebases at http://www.ibphoenix.com/resources/documents/

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

.

__,_._,___
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)