| Subject | Re: [firebird-support] Vulnerability and Fix?? |
|---|---|
| Author | Helen Borrie |
| Post date | 2008-03-26T22:09:09Z |
At 05:13 PM 26/03/2008, you wrote:
Get Fb 2.0.3 or wait a couple of weeks for Fb 2.0.4
./heLen
>Greets.http://tracker.firebirdsql.org/browse/CORE-1405
>
>Generally we install on systems behind a firewall, but have one system out on the Internet. We received an email about a vulnerability where someone was able to run cmd.exe from our system based on this vulnerability (below).
>
>Our system is currently FB 2.01 Classic on Windows XP Home/Embedded.
>
>Can someone explain the issue
>and how to fix it on this system or if it is fixed on a subsequent release?Fixed at Fb 2.0.2. Check the bugfix list from the Doc Index (search for CORE-1405)
Get Fb 2.0.3 or wait a couple of weeks for Fb 2.0.4
./heLen