CVE-2004-2043: Buffer Overflow
First published: Sat May 01 2004(Updated: )
Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| InterBase | =4.0 | |
| InterBase | =5.0 | |
| InterBase | =6.0 | |
| InterBase | =6.4 | |
| InterBase | =6.5 | |
| InterBase | =7.0 | |
| InterBase | =7.1 | |
| Borland InterBase | =6.0 | |
| FirebirdSQL | =1.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securiteam.com/unixfocus/5AP0P0UCUO.html
- http://www.securityfocus.com/bid/10446
- http://www.osvdb.org/6408
- http://secunia.com/advisories/11756
- http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html
- http://www.osvdb.org/6624
- http://securitytracker.com/id?1010381
- http://www.debian.org/security/2006/dsa-1014
- http://secunia.com/advisories/19350
- http://marc.info/?l=bugtraq&m=108611386202493&w=2
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16316
- https://exchange.xforce.ibmcloud.com/vulnerabilities/16229
Frequently Asked Questions
What is the severity of CVE-2004-2043?
CVE-2004-2043 has a medium severity rating, as it can lead to a denial of service due to a buffer overflow.
How do I fix CVE-2004-2043?
To fix CVE-2004-2043, upgrade to Firebird Database version 1.5 or later, or ensure that your InterBase version is updated.
What systems are affected by CVE-2004-2043?
CVE-2004-2043 affects various versions of Firebird Database and InterBase, including versions 4.0 to 7.1.
Can CVE-2004-2043 allow remote attacks?
Yes, CVE-2004-2043 allows remote attackers to exploit the vulnerability through a long database name.
What impact does CVE-2004-2043 have on database servers?
CVE-2004-2043 can cause database servers to crash, resulting in a denial of service.
- agent/references
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/weakness
- agent/author
- agent/remedy
- agent/severity
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-historical
- vendor/borland software
- canonical/interbase
- version/interbase/4.0
- version/interbase/5.0
- version/interbase/6.0
- version/interbase/6.4
- version/interbase/6.5
- version/interbase/7.0
- version/interbase/7.1
- canonical/borland interbase
- version/borland interbase/6.0
- vendor/firebirdsql
- canonical/firebirdsql
- version/firebirdsql/1.0