[18577] in bugtraq
Backdoor in Borland InterBase
daemon@ATHENA.MIT.EDU (Ben Greenbaum)
Fri Jan 12 13:23:51 2001
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.30.0101120736310.7731-100000@mail>
Date: Fri, 12 Jan 2001 07:44:58 -0800
Reply-To: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
From: Ben Greenbaum <bgreenbaum@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
It has been found that a backdoor has been coded into InterBase since
1992. This previously-secret account has full access and an
unchangeable, known username and password. With this knowlege, attackers
can remotely gain read and write access to any database on the server.
CERT advisory:
http://www.cert.org/advisories/CA-2001-01.html
IBphoenix advisory:
http://www.cert.org/advisories/CA-2001-01.html
More details:
http://firebird.ibphoenix.com/home.nfs?a=ibphoenix&s=979249465:352&page=starkey
Ben Greenbaum
Director of Site Content
SecurityFocus
http://www.securityfocus.com
