My customer did some checking of their firewall and gave me the following message.

"Name: Borland Interbase Database Message Handling Buffer Overflow
ID: 31633

Description: There exists a buffer overflow vulnerability in Borland Interbase Server. The vulnerability is due to lack of boundary protection while processing Connect requests (Opcode 0x01). A remote unauthenticated attacker can send a crafted request to the target host to exploit this vulnerability. Successful attack could allow for arbitrary code beong injected and executed with the privileges of the affected service, which is normally System on Windows platforms.

Severity: CRITICAL

Bugtraq ID: 29302

Reference: http://securia.com/advisories/30299/
http://www.coresecurity.com/?action=item&id=2278"

Is there a patch for this?

--- In firebird-support@yahoogroups.com, "data.inspector" <data.inspector@...> wrote:
>
> Helen,
>
> As always, thanks for your insight and responses. I think I have enough information now to ask a few more questions of my customer's IT department. I will update this post when I get the answer.
>
> --- In firebird-support@yahoogroups.com, Helen Borrie <helebor@> wrote:
> >
> > At 09:52 AM 4/05/2010, you wrote:
> > >A customer of ours is using using an application we wrote in Delphi to remotely access data in a Firebird 1.5 database on our linux server. All three Win XP and/or Win 7 machines at the remote location suddenly are not able to connect. We used telnet to make sure port 3050 was open. They did recently upgrade their firewall, however, my knowledge of that is severely limited.
> > >
> > >The error messages in the firebird log are:
> > >
> > >"INET/inet_error: read errno = 10053"
> >
> > A Windows network error occurring in the firebird.log at the Linux server?
> >
> > "They did recently upgrade their firewall..."
> >
> > Firewall[s] on Windows clients? Or the firewall on the Linux server? Upgraded to a new version of the old firewall software? Or installed new firewall software? In the latter case the likelihood that working firewall rules have been blown is much higher.
> >
> > The fact that you can telnet in to the server at least says it's unlikely to be a Linux issue.
> >
> > What error message[s] is/are being returned to the client applications when the connection failures occur?
> >
> > >and
> > >"INET/inet_error: receive in try_connect errno = 203"
> >
> > Suggests it could be some kind of a timing or network protocol issue at the clients.
> >
> >
> > >I saw some traffic on this issue related to simultaneous logins. I would guess that we have less than 4 logins at any one time.
> >
> > I don't know what "issue" you would be referring to "related to simultaneous logins". Firebird is designed for simultaneous logins. It doesn't suddenly break of its own accord.
> >
> >
> > >Does anyone know how to resolve this?
> >
> > Not until enough forensics are done to discover the likely cause. You have written:
> >
> > "Not sure [turning off the firewall is] an option. I'm a very small fish and my customer is a very large organization."
> >
> > Large enough that they have some sysadmin on site who is allowed to arbitrarily break the networked application environment through faulty change control? You didn't cause this problem: they did. They have to be involved in the forensics to find and rectify their mistake.
> >
> > ./hb
> >
>