CVE-2004-2043

Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.

Published: May 1, 2004
Updated: Apr 13, 2023
CVE: CVE-2004-2043
Severity: Medium
Exploit:

CVSS v2:

Severity: Medium
Score: 5
AV:N/AC:L/Au:N/C:N/I:N/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
borland_software / interbase	7.0	7.0.x
borland_software / interbase	5.0	5.0.x
borland_software / interbase	4.0	4.0.x
borland_software / interbase	6.5	6.5.x
borland_software / interbase	6.4	6.4.x
firebirdsql / firebird	1.0	1.0.x
borland_software / interbase	6.0	6.0.x
borland_software / interbase_superserver	6.0	6.0.x
borland_software / interbase	7.1	7.1.x

http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html
http://marc.info/?l=bugtraq&m=108611386202493&w=2
http://secunia.com/advisories/11756
http://secunia.com/advisories/19350
http://securitytracker.com/id?1010381
http://www.debian.org/security/2006/dsa-1014
http://www.osvdb.org/6408
http://www.osvdb.org/6624
http://www.securiteam.com/unixfocus/5AP0P0UCUO.html
http://www.securityfocus.com/bid/10446
https://exchange.xforce.ibmcloud.com/vulnerabilities/16229
https://exchange.xforce.ibmcloud.com/vulnerabilities/16316

Vulnerability Database

289,697

CVE-2004-2043