VULHUB ™

A buffer overflow has been discovered in the setuid root program gds_lock_mgr, packaged with Interbase. This problem could allow a local user to execute the program with strings of arbitrary length. By using a custom crafted string, the attacker could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code as root. Firebird is based on Borland/Inprise Interbase source code and is therefore also prone to this issue.

A buffer overflow has been discovered in the setuid root program gds_lock_mgr, packaged with Interbase. This problem could allow a local user to execute the program with strings of arbitrary length. By using a custom crafted string, the attacker could overwrite stack memory, including the return address of a function, and potentially execute arbitrary code as root. Firebird is based on Borland/Inprise Interbase source code and is therefore also prone to this issue.