Interbase Database Remote Stack Overflow

Critical Nessus Network Monitor Plugin ID 4514

Synopsis

The remote host is vulnerable to a buffer overflow

Description

The remote host is running an Interbase database server.

This version has been reported vulnerable to a remote buffer overflow. An attacker, exploiting this flaw, would only need to be able to connect to the database service port (3050/tcp by default). Successful exploitation would result in the attacker executing arbitrary code.

Solution

The issue has been fixed in version 8.1.0.2578 which is available from the vendor website.

See Also

http://www.securityfocus.com/archive/1/[email protected]

Plugin Details

Severity: Critical

ID: 4514

File Name: 4514.prm

Family: Database

Published: 2004/08/18

Modified: 2016/01/19

Dependencies: 4513

Risk Information

Risk Factor: Critical

CVSSv2

Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

CVSSv3

Base Score: 9.8

Temporal Score: 9.1

Vector: CVSS3#AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Temporal Vector: CVSS3#E:F/RL:O/RC:C

Exploitable With

Core Impact

Reference Information

CVE: CVE-2008-2559

BID: 29302