The default configuration of Firebird prior to 2.0.3.12981.0-r6 on Gentoo Linux sets the ISC_PASSWORD environment variable before starting Firebird, which allows remote malicious users to bypass SYSDBA authentication and obtain sensitive database information via an empty password.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
firebird firebird 2.0.3.12981.0 |
||
firebird firebird |