26 July 2007, 16:46
Security update for Borland Interbase 2007
Borland has fixed a vulnerability in its Interbase 2007 database, which could have been exploited by an attacker to crash or gain control over a server. The cause of the problem was a buffer overflow in the database service (ibserver.exe) when processing crafted create requests on TCP port 3050. Authentication is not required for a successful attack, although only attacks from the local network are likely to succeed. Registered users can obtain the update via Borland subsidiary Codegear.
TippingPoint, who discovered the vulnerability, has published a detailed account of how the vulnerability was discovered and analysed on its blog.
- Step by Step of How TPTI-07-013 was Discovered security advisory from TippingPoint
(mba)
Print Version | Send by email
| Permalink: http://h-online.com/-733336
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
