CVE-2003-0281

Firebird < 1.5 - Buffer Overflow via Long INTERBASE Environment Variable

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 3 public exploits for CVE-2003-0281. PoCs published by bob, stripey.

AI-analyzed exploit summary This is a local buffer overflow exploit for Firebird 1.0.2 on FreeBSD 4.7, targeting the INTERBASE environment variable. It includes shellcode for setuid, bindshell, and execve payloads, depending on the selected target binary.

Description

Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop.

Exploits (3)

exploitdb WORKING POC VERIFIED
by bob · clocalbsd
https://www.exploit-db.com/exploits/29

This is a local buffer overflow exploit for Firebird 1.0.2 on FreeBSD 4.7, targeting the INTERBASE environment variable. It includes shellcode for setuid, bindshell, and execve payloads, depending on the selected target binary.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Firebird 1.0.2 on FreeBSD 4.7
No auth needed
Prerequisites: Local access to the target system · Firebird 1.0.2 installed with vulnerable binaries
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by bob · clocalunix
https://www.exploit-db.com/exploits/21566

This exploit targets a buffer overflow vulnerability in Interbase/Firebird's gds_drop, gds_lock_mgr, and gds_inet_server programs. It leverages environment variable manipulation to overwrite stack memory and execute arbitrary shellcode for local privilege escalation.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Interbase/Firebird 1.0.2
No auth needed
Prerequisites: Local access to the target system · Presence of vulnerable Interbase/Firebird binaries
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by stripey · perllocalunix
https://www.exploit-db.com/exploits/21565

This exploit targets a buffer overflow in the gds_drop program of Interbase 6.0 Linux beta. It uses a crafted environment variable to overwrite stack memory and execute arbitrary shellcode, leading to local privilege escalation.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Interbase 6.0 Linux beta
No auth needed
Prerequisites: Local access to the target system · Presence of /usr/local/interbase/bin/gds_drop
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (6)

Core 6
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/11977
Third Party Advisory vendor-advisory x_refsource_gentoo
http://security.gentoo.org/glsa/glsa-200405-18.xml
Mailing List mailing-list x_refsource_bugtraq
http://seclists.org/lists/bugtraq/2002/Jun/0212.html
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=105259012802997&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/7546
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/8758

Scores

EPSS 0.0101
EPSS Percentile 58.6%

Details

Status published
Products (1)
firebirdsql/firebird 1.0.2
Published Jun 16, 2003
Tracked Since Feb 18, 2026