Interbase Backdoor Account Vulnerability

vendor:

Interbase

by:

SecurityFocus

7.5

CVSS

HIGH

Backdoor Account

255

CWE

Product Name: Interbase

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2002

Interbase Backdoor Account Vulnerability

Interbase is an open source relational database offered by Borland Inprise Corporation. It contains a backdoor user account and password called 'LOCKSMITH'. When accessed this account will eliminate all implemented security allowing full control of any database and contents within the database, this level of access will allow any function to be performed including modification of objects, root access and execution of arbitrary functions.

Mitigation:

Disable the 'LOCKSMITH' account and ensure that all other accounts have strong passwords.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/2192/info

Interbase is an open source relational database offered by Borland Inprise Corporation.

Interbase contains a backdoor user account and password called "LOCKSMITH". When accessed this account will eliminate all implemented security allowing full control of any database and contents within the database, this level of access will allow any function to be performed including modification of objects, root access and execution of arbitrary functions. "LOCKSMITH" is hard coded in the database engine and is located in the jrd/pwd.h header.

Successful exploitation of this vulnerability will lead to complete compromise of the host. 

#define LOCKSMITH_USER "politically"

#define LOCKSMITH_PASSWORD "correct"