Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sun, 4 Jan 2015 05:32:06 +0100
From: Salvatore Bonaccorso <>
Cc: Vincent Danen <>,
Subject: Re: CVE request: denial of service flaw in firebird


On Sat, Jan 03, 2015 at 06:59:18PM -0500, wrote:
> >I've not seen a CVE for this; could one be assigned?  Thanks.
> >
> >It was found that an unauthenticated remote attacker could send a
> >malformed network packet to a firebird server, which would cause the
> >server to crash.
> >
> >
> >
> >
> >
> >
> Use CVE-2014-9492.

I have a question back on this assignment. Initially CORE-4630 did not
had a CVE reference in the title at leat afair, but some time ago the
reference to CVE-2014-9323 appeared.

We used then this reference in Debian to track the issue, but also
others have it:

Should CVE-2014-9492 be rejected and CVE-2014-9323 to be still
continued to be used?


Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ