[sec-adv] Borland Interbase External Table Vulnerability
From: Secunia Security Advisories (sec-adv secunia.com)
Date: Wed Apr 09 2003 - 03:33:04 CDT
TITLE:
Borland Interbase External Table Vulnerability
READ ONLINE:
http://www.secunia.com/advisories/8551/
CRITICAL:
Less critical
IMPACT:
Manipulation of data, Privilege escalation
WHERE:
Local system
SOFTWARE:
Borland Interbase 6.x
DESCRIPTION:
A vulnerability identified in Borland InterBase can be exploited by
malicious users to escalate their privileges on a vulnerable system.
The vulnerability is caused by an access control error. The problem
is that it is possible to create an external table in an arbitrary
file on the system. If the file exists, it is possible to manipulate
it by appending data to it. Reportedly, InterBase is installed with
SYSTEM or root privileges by default, which allows manipulation of
any file on the system.
An example was included in the original advisory, which creates a
user with root privileges and no password:

  create table test external '/etc/passwd' (id char(80));
  insert into test values('r00t::0:0:root:/root:/bin/bash');

SOLUTION:
Upgrade to version 7.0. Allow only trusted users access to the
system.
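
The following check is an added example, not part of the Secunia advisory or of Borland's software: it audits passwd-format text for the kind of entry the example above appends (a UID 0 account with an empty password field). The function name, the sample data and the trailing-space padding of the CHAR(80) value are assumptions made for illustration.

```python
"""Audit passwd-format text for entries like the one in the advisory's example."""

# Constructed sample: two normal entries plus the line from the advisory,
# padded with trailing spaces as a fixed-width CHAR(80) value is assumed to be.
SAMPLE_PASSWD = (
    "root:x:0:0:root:/root:/bin/bash\n"
    "daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin\n"
    + "r00t::0:0:root:/root:/bin/bash".ljust(80) + "\n"
)


def audit_passwd(text):
    """Return a list of (line_number, account, reason) findings."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.rstrip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) != 7:
            findings.append((lineno, fields[0], "malformed entry (expected 7 fields)"))
            continue
        name, password, uid = fields[0], fields[1], fields[2]
        if password == "":
            findings.append((lineno, name, "empty password field"))
        if uid.isdigit() and int(uid) == 0 and name != "root":
            findings.append((lineno, name, "UID 0 account other than root"))
        if raw != line:
            # Assumption: padding hints at a fixed-width write, not a normal edit.
            findings.append((lineno, name, "trailing whitespace (fixed-width write?)"))
    return findings


if __name__ == "__main__":
    import sys
    # With a path argument, audit that file; otherwise audit the constructed sample.
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8", errors="replace") as fh:
            data = fh.read()
    else:
        data = SAMPLE_PASSWD
    for lineno, name, reason in audit_passwd(data):
        print(f"line {lineno}: {name}: {reason}")
```
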
REPORTED BY / CREDITS:
Kotala Zdenek
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : support secunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
----------------------------------------------------------------------