Interbase Database Remote Stack Overflow

critical Nessus Network Monitor Plugin ID 4514

Synopsis

The remote host is vulnerable to a buffer overflow

Description

The remote host is running an Interbase database server.

This version has been reported vulnerable to a remote buffer overflow. An attacker, exploiting this flaw, would only need to be able to connect to the database service port (3050/tcp by default). Successful exploitation would result in the attacker executing arbitrary code.

Solution

The issue has been fixed in version 8.1.0.2578 which is available from the vendor website.

See Also

http://www.securityfocus.com/archive/1/[email protected]

Plugin Details

Severity: Critical

ID: 4514

Family: Database

Published: 8/18/2004

Updated: 3/6/2019

Risk Information

VPR

Risk Factor: High

Score: 7.3

CVSS v2

Risk Factor: Critical

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:damian_frizza:borland_interbase

Exploitable With

Core Impact

Reference Information

CVE: CVE-2008-2559

BID: 29302