Home » Hacking News » Interbase gds_lock_mgr buffer overflow
Interbase gds_lock_mgr buffer overflow
by Mario Miri on April 9th, 2003 It has been reported that setuid gds_lock_mgr which is shipped with Interbase software is prone to buffer overflow attack. This allows to local attacker to execute commands/instructions with root privileges.
Vulnerable:
Borland/Inprise Interbase 6.0
Borland/Inprise Interbase 6.4
Borland/Inprise Interbase 6.5
Firebird 1.0.2
Solution:
Currently there are no vendor supplied patches.
Discovered by:
Secure Network Operations, Inc