Interbase back door exposed

by Phiber on January 16th, 2001

A back door password has been hidden in Borland/Inprise's popular Interbase database software for at least seven years, potentially exposing tens of thousands of private databases at corporations and government agencies to unauthorized access and manipulation over the Internet, experts say.


Analysts report that the account name 'politically' with the password 'correct' unlocks access to Interbase versions 4.0, 5.0 and 6.0 over the net, on any platform. Moreover, because Interbase has the ability to execute user-defined functions, the back door can be used to inject malicious code into a system, which could give an attacker administrative access to the computer itself, according to a Wednesday advisory from the Computer Emergency Response Team (CERT).

"The back door account password can not be changed using normal operational commands, nor can the account be deleted from existing vulnerable server," reads the CERT warning.

Jim Starkey, the architect of the original, 1985 version of Interbase -- which did not contain a back door -- says hackers have already begun scanning the Internet for services on TCP port 3050, the default port for Interbase servers.

California-based Borland did not return phone calls, but the company web site acknowledges "a potential security loophole within the Interbase product."

According to company press material, Interbase users include Nokia, MCI, Northern Telecom, Bear Stearns, the Money Store, the US Army, NASA, and Boeing.
