SQLBase Vulnerabilities
Created 2/25/03
Impact
A remote attacker could execute arbitrary commands
with Local System privileges.
Background
SQLBase is a relational database management system. SQLBase
includes a default database called ISLAND which can be accessed
using the sysadm account with no password.
The Problem
A buffer overflow condition in the EXECUTE command could allow
an attacker to crash the service and execute arbitrary commands.
While a login and password to an existing database should be
required in order to use the EXECUTE command, the default ISLAND
database allows any user to authenticate without needing to know
a password. Therefore, any remote attacker could exploit the
buffer overflow and gain control of the server.
SQLBase 8.0.0, 8.1.0, and possibly other versions are
affected by this vulnerability.
Resolution
Remove the ISLAND database. This does not fix the
buffer overflow, but does prevent it from being exploited by
users who do not have a valid login and password to another
database. The buffer overflow has not been sufficiently
fixed by the vendor at the time of this writing.
Where can I read more about this?
This vulnerability was posted to VulnWatch.