Interbase数据库服务器后门帐号覆盖文件漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1106159 漏洞类型 未知
发布时间 2001-01-10 更新时间 2006-09-20
CVE编号 CVE-2001-0008 CNNVD-ID CNNVD-200102-034
漏洞平台 Multiple CVSS评分 10.0
|漏洞来源
https://www.exploit-db.com/exploits/20537
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200102-034
|漏洞详情
Interbase数据库服务器后门帐号存在漏洞。远程攻击者可以使用存储进程覆盖任意文件。
|漏洞EXP
source: http://www.securityfocus.com/bid/2192/info

Interbase is an open source relational database offered by Borland Inprise Corporation.

Interbase contains a backdoor user account and password called "LOCKSMITH". When accessed this account will eliminate all implemented security allowing full control of any database and contents within the database, this level of access will allow any function to be performed including modification of objects, root access and execution of arbitrary functions. "LOCKSMITH" is hard coded in the database engine and is located in the jrd/pwd.h header.

Successful exploitation of this vulnerability will lead to complete compromise of the host. 

#define LOCKSMITH_USER "politically"

#define LOCKSMITH_PASSWORD "correct"
|参考资料

来源:CERT/CCAdvisory:CA-2001-01
名称:CA-2001-01
链接:http://www.cert.org/advisories/CA-2001-01.html
来源:BID
名称:2192
链接:http://www.securityfocus.com/bid/2192
来源:XF
名称:interbase-backdoor-account(5911)
链接:http://xforce.iss.net/static/5911.php