A vulnerability identified in Borland InterBase can be exploited by malicious users to escalate their privileges on a vulnerable system.
The vulnerability is caused by an access control error. The problem is that it is possible to create an external table in an arbitrary file on the system. If the file exists, it is possible to manipulate it by appending data to it. Reportedly, InterBase is installed with SYSTEM or root privileges by default, which allows manipulation of any file on the system.
An example was included in the original advisory, which creates a user with root privileges and no password:
create table test external '/etc/passwd' (id char(80));
insert into test values('r00t::0:0:root:/root:/bin/bash');
Solution: Upgrade to version 7.0. Allow only trusted users access to the system.
Do you have additional information related to this advisory?
Please provide information about patches, mitigating factors, new versions, exploits, faulty patches, links, and other relevant data by posting comments to this Advisory. You can also send this
information to firstname.lastname@example.org