CVE-2017-11509

November 20, 2021

An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.

Summary:

An authenticated remote attacker can execute arbitrary code in Firebird SQL Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement.

Reference Links(if available):

  • https://www.tenable.com/security/research/tra-2017-36
  • https://lists.debian.org/debian-lts-announce/2018/05/msg00005.html
  • https://lists.debian.org/debian-lts-announce/2020/02/msg00036.html
  • https://lists.debian.org/debian-lts-announce/2021/11/msg00018.html

  • CVSS Score (if available)

    v2: / HIGHAV:N/AC:L/Au:S/C:C/I:C/A:C

    v3: / HIGHCVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

    Links to Exploits(if available)

  • Tags: , , , ,

    You may have missed

    cybersecurity

    Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials

    April 23, 2024
    image

    CACTUS Ransomware Victim: https://www[.]ebir[.]com/

    April 23, 2024
    image

    CACTUS Ransomware Victim: https://www[.]concordegroup[.]ca/

    April 23, 2024
    image

    CACTUS Ransomware Victim: https://www[.]coastalcargogroup[.]com/

    April 23, 2024
    image

    CACTUS Ransomware Victim: https://www[.]saglobal[.]com/

    April 23, 2024