Subject Re: [firebird-support] Vulnerability
Author Mark Rotteveel
On 26-9-2016 22:56, Carlos Mazariegos carlosemazariegosa@... [firebird-support] wrote:
> I understand Firebird is not equal to InterBase,
> but the problem is that the Palo Alto firewall
> detected the vulnerability with my application, which is built
> with:

It didn't detect the vulnerability; it likely just detected that you
used the Firebird protocol and matched that with one of the known and
fixed vulnerabilities. You really need to be more specific: did it say
which vulnerability it detected (which CVE)?

> * Java EE 7
> * Glassfish 4.1
> * Firebird Superserver 2.5.5.
>
> Researching on the internet, I found that Firebird has had a buffer
> overflow vulnerability. My question is:
>
> Does Firebird present the vulnerability of "buffer overflow"?

The term "buffer overflow" is very generic, and Firebird has had a few
in previous versions. As far as I am aware, there are no known
vulnerabilities in 2.5.5.

You might want to contact the vendor of Firewall Palo Alto to specify
which vulnerability they detected.

Mark
--
Mark Rotteveel