Vulnerability Details : CVE-2007-5243

Multiple stack-based buffer overflows in Borland InterBase LI 8.0.0.53 through 8.1.0.253, and WI 5.1.1.680 through 8.1.0.257, allow remote attackers to execute arbitrary code via (1) a long service attach request on TCP port 3050 to the (a) SVC_attach or (b) INET_connect function, (2) a long create request on TCP port 3050 to the (c) isc_create_database or (d) jrd8_create_database function, (3) a long attach request on TCP port 3050 to the (e) isc_attach_database or (f) PWD_db_aliased function, or unspecified vectors involving the (4) jrd8_attach_database or (5) expand_filename2 function.
Publish Date : 2007-10-06 Last Update Date : 2008-11-15

Collapse All Expand All Select Select&Copy	Scroll To Vendor Statements(0) Additional Vendor Data(0) OVAL Definitions(0) Vulnerable Products(0) # Of Vulns By Products References(0) Metasploit Modules(0)	Comments View User Comments Add Comment	External Links Secunia Advisories XForce Advisories Vulnerability Details at NVD Vulnerability Details at Mitre Nessus Plugins Linux Kernel Git Repository First CVSS Guide
Related Tweets Even more tweets Search Twitter Search YouTube Search Google

- CVSS Scores & Vulnerability Types

Cvss Score	9.3
Confidentiality Impact	Complete (There is total information disclosure, resulting in all system files being revealed.)
Integrity Impact	Complete (There is a total compromise of system integrity. There is a complete loss of system protection, resulting in the entire system being compromised.)
Availability Impact	Complete (There is a total shutdown of the affected resource. The attacker can render the resource completely unavailable.)
Access Complexity	Medium (The access conditions are somewhat specialized. Some preconditions must be satistified to exploit)
Authentication	Not required (Authentication is not required to exploit the vulnerability.)
Gained Access	None
Vulnerability Type(s)	Execute CodeOverflow
CWE ID	119

- Products Affected By CVE-2007-5243

#	Product Type	Vendor	Product	Version
1	Application	Borland Software	Interbase	Li 8.0.0.53	Details Vulnerabilities
2	Application	Borland Software	Interbase	Li 8.0.0.54	Details Vulnerabilities
3	Application	Borland Software	Interbase	Wi-v8.0.0.123	Details Vulnerabilities
4	Application	Borland Software	Interbase	Li 8.0.0.253	Details Vulnerabilities
5	Application	Borland Software	Interbase	Wi-v6.0.0.627	Details Vulnerabilities
6	Application	Borland Software	Interbase	Wi-v6.0.1.0	Details Vulnerabilities
7	Application	Borland Software	Interbase	Wi-v7.0.1.1	Details Vulnerabilities
8	Application	Borland Software	Interbase	Wi-o6.0.1.6	Details Vulnerabilities
9	Application	Borland Software	Interbase	Wi-v6.0.1.6	Details Vulnerabilities
10	Application	Borland Software	Interbase	Wi-o6.0.2.0	Details Vulnerabilities
11	Application	Borland Software	Interbase	Wi 8.1.0.257	Details Vulnerabilities
12	Application	Borland Software	Interbase	Wi 5.1.1.680	Details Vulnerabilities
13	Application	Borland Software	Interbase	Wi-v5.1.1.680	Details Vulnerabilities
14	Application	Borland Software	Interbase	Wi-v6.5.0.28	Details Vulnerabilities
15	Application	Borland Software	Interbase	Wi-v7.5.0.129	Details Vulnerabilities
16	Application	Borland Software	Interbase	Wi-v5.5.0.742	Details Vulnerabilities
17	Application	Borland Software	Interbase	Wi-v7.5.1.80	Details Vulnerabilities

- Number Of Affected Versions By Product

Vendor	Product	Vulnerable Versions
Borland Software	Interbase	17

- References For CVE-2007-5243

http://osvdb.org/38605
OSVDB 38605

http://xforce.iss.net/xforce/xfdb/36956
XF borland-multiple-functions-bo(36956)

http://osvdb.org/38606
OSVDB 38606

http://osvdb.org/38608
OSVDB 38608

http://osvdb.org/38607
OSVDB 38607

http://osvdb.org/38609
OSVDB 38609

http://risesecurity.org/advisory/RISE-2007002/

http://risesecurity.org/blog/entry/3/

http://risesecurity.org/exploit/10/

http://risesecurity.org/exploit/12/

http://risesecurity.org/exploit/13/

http://risesecurity.org/exploit/14/

http://risesecurity.org/exploit/15/

http://risesecurity.org/exploit/9/

http://www.securityfocus.com/bid/25917
BID 25917 Borland InterBase Multiple Remote Buffer Overflow Vulnerabilities Release Date:2007-12-18

http://www.securitytracker.com/id?1018772
SECTRACK 1018772

http://www.frsirt.com/english/advisories/2007/3381
VUPEN ADV-2007-3381

http://secunia.com/advisories/27058
SECUNIA 27058

- Metasploit Modules Related To CVE-2007-5243

Borland InterBase INET_connect() Buffer Overflow
This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted service attach request.
Borland InterBase jrd8_create_database() Buffer Overflow
This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted create request.
Borland InterBase PWD_db_aliased() Buffer Overflow
This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted attach request.
Firebird Relational Database isc_attach_database() Buffer Overflow
This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted create request.
Firebird Relational Database isc_create_database() Buffer Overflow
This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted create request.
Firebird Relational Database SVC_attach() Buffer Overflow
This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted service attach request.
Borland InterBase isc_attach_database() Buffer Overflow
This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted attach request.
Borland InterBase isc_create_database() Buffer Overflow
This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted create request.
Borland InterBase SVC_attach() Buffer Overflow
This module exploits a stack buffer overflow in Borland InterBase by sending a specially crafted service attach request.