Signature Detail
Short Name |
DB:IB:FILENAME-OF |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
DB |
Keywords |
interbase attach filename overflow |
Release Date |
2011/11/22 |
Update Number |
2034 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+ |
DB: InterBase Filename Overflow
This signature detects attempts to exploit a known vulnerability in the Borland InterBase database system. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Borland InterBase is prone to multiple remote buffer-overflow vulnerabilities because the application fails to bounds-check user-supplied input before copying it into an insufficiently sized memory buffer. Successfully exploiting these issues allows remote attackers to execute arbitrary machine code with SYSTEM-Level privileges. This will result in a complete compromise of affected computers. Borland InterBase 2007 for Linux and Windows is considered vulnerable.
Affected Products
- Borland Interbase 2007
- Borland Interbase 2007 SP2
- Gentoo Linux
References
- BugTraq: 25917
- CVE: CVE-2007-5243