In association with heise online

26 July 2007, 16:46

Security update for Borland Interbase 2007

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

Borland has fixed a vulnerability in its Interbase 2007 database, which could have been exploited by an attacker to crash or gain control over a server. The cause of the problem was a buffer overflow in the database service (ibserver.exe) when processing crafted create requests on TCP port 3050. Authentication is not required for a successful attack, although only attacks from the local network are likely to succeed. Registered users can obtain the update via Borland subsidiary Codegear.

TippingPoint, who discovered the vulnerability, has published a detailed account of how the vulnerability was discovered and analysed on its blog.

See also:


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit