Borland InterBase ibserver.exe Service Attach request buffer overflow

Added: 04/21/2008
CVE: CVE-2008-1910
BID: 28730
OSVDB: 44455

Background

Borland Interbase is a database solution for Windows, Linux, and Solaris platforms.

Problem

A buffer overflow vulnerability in ibserver.exe allows remote attackers to execute arbitrary commands by sending a long, specially crafted Service Attach request.

Resolution

Apply a patch or upgrade when one is available.

References

http://archives.neohapsis.com/archives/fulldisclosure/2008-04/0266.html

Limitations

Exploit works on InterBase 2007 SP2.

Platforms

Windows 2000
Windows Server 2003

Back to exploit index