Interbase 6 Security Hole Fix
It has been brought to our attention that there is a potential
security loophole within the InterBase product, versions 4.0 through
6.0, that requires your attention. Please download and execute the
patches below; by implementing this patch you will correct the issue
with no impact to the functionality of the InterBase product.
This patch fixes the potential issue and is a security update for
versions 4.0 through 6.0 on platforms: Windows, Linux, Solaris, HP-UX
and SCO. For platforms not covered please contact us at
interbase@borland.com and we will
work with you individually to create a patch for your platform.
For our latest certified release of 5.x, we are working on issuing an
updated version that will be available to customers on the above
platforms. This inline version will incorporate the security fix and
be the official certified version for our current maintenance
customers.
We are not responsible for any patches not supplied by Borland and use
of any unsupported patches will void any current warranties and/or
maintenance contracts you may have in place.
We hope this causes as little inconvenience as possible. Knowing
software is not error free we understand that anomalies will occur, we
are dedicated to correcting them as quickly and efficiently as
possible.
Downloads
Information regarding InterBase Patch 1.0
This patch is a security update for InterBase versions 4.0 through 6.0
on platforms: Windows, Linux, Solaris, HP-UX and SCO.
Extracting the files
- Windows: Use an archiving/compression/extracting program (i.e.,
WinZip, PKZIP) to extact the contents of IbwinPatch.zip. Consult
the extracted README.TXT on running the patch application.
- UNIX: Depending on your Platform run the follwing commands
%> uncompress IbXXXXPatch.tar.Z (where XXXX is either
solaris, Hpux or Linux)
%> tar xvf IbXXXXPatch.tar
Consult the extracted README.TXT for further information.
Installing The Patch
IBLinuxPatch (Linux)
IBWinPatch.exe (Windows)
IBSolarisPatch (Solaris)
IBHP-UXPatch (HP-UX)
IBSCOPatch (SCO)
- Please make sure that the interbase server is not running and
there are no connections to any databases on the machine where
you installing the patch.
- Launch the patch install application from a command/shell
window, or if you are using a graphical interface double click
on the name/icon.
- The patch will ask two questions:
- Which version of InterBase are you using?
Please choose the correct version from the presented
options.
This program is able to fix Interbase versions 4.x to
6.0.1.
- Please Enter the Complete InterBase install directory
:
Please make sure to enter the complete install path when
prompted.
For example: (Windows) D:program
filesdatabasesinterbase or
(Unix/Linux) /usr/local/db/interbase Note: The original
library files and binaries are not modified, instead
copies of the files are made and then fixed. For example
if ibserver.exe is fixed then you would find the following
files in the interbase/bin directory:
ibserver.exe -- The original file
ibserver.exe.org -- A copy of original
ibserver.exe.fixed -- The patched file
Note: For classic versions of Interbase there is no
ibserver, in those cases we will fix the shared Library
files.
For example: (Solaris)
gdsmt.so.0 -- The original file
gdsmt.so.0.org -- A copy of original
gdsmt.so.0.fixed -- The patched file
- Once the program is finished
- Delete ibserver.exe or for classic users delete the
appropriate library file (Don't worry, a backup was
created of the original file: i.e. "ibserver.exe.org")
- Rename ibserver.exe.fixed to ibserver.exe or for classic
users rename the appropriate library file.
- Start the server
Connect with Us