9 matches found
CVE-2003-0197
CVE-2003-0197 affects Borland Interbase Database 6.x. A buffer overflow in gds_lock_mgr allows local users to gain privileges by supplying a long ISC_LOCK_ENV (INTERBASE_LOCK) environment variable. The issue enables local privilege escalation and can impact confidentiality, integrity, and availab...
CVE-2004-2043
CVE-2004-2043 affects Firebird/InterBase-based systems, with a buffer overflow in ibserver that can be triggered remotely by a long database name via the gsec command, causing a crash (DoS). Affected: Firebird 1.0 and other versions before 1.5 (Firebird2/InterBase-derived releases noted in De...
CVE-2007-5243
CVE-2007-5243 covers multiple stack-based buffer overflows in Borland InterBase/Firebird components (LI 8.0.0.53–8.1.0.253 and WI 5.1.1.680–8.1.0.257) that enable remote code execution via crafted requests over TCP port 3050. Affected entry points include long service attach or create requests ta...
CVE-2004-1833
CVE-2004-1833 affects Borland Interbase 7.1 on Linux. The admin.ib file has default world-writable permissions, enabling local users to gain database administrative privileges (privilege escalation). No remediation details are provided in the supplied documents; mode is based on the concrete desc...
CVE-2001-0008
Interbase servers (Borland/Inprise Interbase 4.x/5.x and Open Source Interbase 6.x; Firebird 0.9-3 and earlier) contain a compiled‑in backdoor account with a fixed password that can be used by any user to manipulate database objects via port 3050/tcp and potentially overwrite files. The CERT/CA a...
CVE-2007-3566
CVE-2007-3566 describes a stack-based buffer overflow in Borland Interbase 2007’s database service ibserver.exe, exploitable remotely via a long size value in a CREATE request to port 3050/tcp. The vulnerability exists in InterBase 2007 before SP2 and can allow arbitrary code execution by a remot...
CVE-2007-5244
CVE-2007-5244 is a stack-based buffer overflow in Borland InterBase LI (Linux, 8.0.0.53–8.1.0.253; possibly Solaris) triggered by a long attach request to TCP port 3050, via the open_marker_file function. Publicly observed references include Metasploit module ib_open_marker_file.rb (Exploitation ...
CVE-2002-1514
The CVE-2002-1514 entry concerns gds_lock_mgr in Borland InterBase. The vulnerability allows local users to overwrite files and gain privileges via a symlink attack on a temporary file named isc_init1.X, demonstrated by modifications to the xinetdbd file. The provided records indicate a local a...
CVE-2002-2087
The CVE-2002-2087 entry describes a buffer overflow in Borland InterBase 6.0 that allows local users to execute arbitrary code by supplying a long INTERBASE environment variable when invoking gds_drop, gds_lock_mgr, or gds_inet_server. This is documented across multiple feeds (Red Hat, CVE listin...