CVE-2004-2043

InterBase and Firebird < 1.5 - Denial of Service via Long Database Name

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2004-2043. PoCs published by Aviram Jenik, wsxz.

AI-analyzed exploit summary This exploit targets a buffer overflow vulnerability in Borland InterBase 7.1 SP2 and lower, allowing remote code execution via a crafted network packet. It binds a shell to port 65535 on the target system.

Description

Buffer overflow in ibserver for Firebird Database 1.0 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows remote attackers to cause a denial of service (crash) via a long database name, as demonstrated using the gsec command.

Exploits (2)

exploitdb WORKING POC VERIFIED
by Aviram Jenik · perlremotelinux
https://www.exploit-db.com/exploits/303

This exploit targets a buffer overflow vulnerability in Borland InterBase 7.1 SP2 and lower, allowing remote code execution via a crafted network packet. It binds a shell to port 65535 on the target system.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Borland InterBase 7.1 SP2 and lower
No auth needed
Prerequisites: Network access to the target's InterBase port (default 3050) · Target must be running a vulnerable version of InterBase
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WORKING POC VERIFIED
by wsxz · perlremotelinux
https://www.exploit-db.com/exploits/24165

This exploit targets a remote buffer overflow vulnerability in Firebird/InterBase database servers (CVE-2004-2043). It sends maliciously crafted packets to trigger the overflow and execute shellcode, resulting in a port-bound shell on TCP port 65535.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Borland InterBase 7.1 SP2 and lower, Firebird
No auth needed
Prerequisites: Network access to the target's Firebird/InterBase port (default 3050) · Target must be running a vulnerable version of InterBase/Firebird
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (12)

Core 12
Core References
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2006/dsa-1014
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16229
Third Party Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/19350
Mailing List mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=108611386202493&w=2
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/6624
Third Party Advisory mailing-list x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2004-06/0027.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16316
Exploit, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10446
Exploit, Vendor Advisory x_refsource_misc
http://www.securiteam.com/unixfocus/5AP0P0UCUO.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1010381
Vendor Advisory vdb-entry x_refsource_osvdb
http://www.osvdb.org/6408
Patch, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/11756

Scores

EPSS 0.1187
EPSS Percentile 95.6%

Details

Status published
Products (9)
borland_software/interbase 4.0
borland_software/interbase 5.0
borland_software/interbase 6.0
borland_software/interbase 6.4
borland_software/interbase 6.5
borland_software/interbase 7.0
borland_software/interbase 7.1
borland_software/interbase_superserver 6.0
firebirdsql/firebird 1.0
Published May 01, 2004
Tracked Since Feb 18, 2026