Interbase Detected
Created 3/16/01
CVE 2001-0008
Impact
A built-in backdoor account could be used to gain
remote access to any database, or to overwrite files
and execute arbitrary commands on the system with
the privileges of the database server.
Background
Interbase is a database server for Unix and Windows.
Firebird is another database server which is based on
Interbase but is developed independently.
The Problem
Both Interbase and Firebird contain a built-in backdoor
account which could be used to manipulate any database object
on the server, replace stored procedures with Trojan Horse
versions, or execute arbitrary code with the privileges
of the database server, which is often root.
The backdoor account cannot be removed through any
type of configuration procedure.
Borland/Inprise Interbase 4.x and 5.x, open-source Interbase
6.0 and 6.0.1, and Firebird 0.9-3 and earlier are affected
by this vulnerability.
Resolution
Interbase users should install the patch.
Firebird users should upgrade to version 0.9-4.
Where can I read more about this?
For more information, see CERT Advisory 2000-01
and X-Force Alert 5911.