Derby / DERBY-2437

SYSCS_EXPORT_TABLE can be used to overwrite derby files


Details

    • Bug
    • Status: Closed
    • Critical
    • Resolution: Fixed
    • 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0, 10.3.1.4, 10.4.1.3
    • 10.3.1.4, 10.4.1.3
    • None
    • None
    • Regression, Security

    Description

      There are no controls over which files SYSCS_EXPORT_TABLE can write, thus allowing any user that has permission to execute the procedure to try and modify information that they have no permission to modify.

      In a similar fashion to the one described in DERBY-2436 I could overwrite derby.properties, at least leading to a denial of service attack on the next re-boot.
      With more time it might be possible to write out a valid properties file which would allow changing the authentication, silently adding a new user etc.
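
      One way a caller-facing export path could be constrained so that names such as derby.properties outside a dedicated directory are refused. This is an added example, not part of the original report and not Derby's fix; the class name ExportPathGuard, the export directory and the sample file names are assumptions.

```java
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.LinkOption;
import java.nio.file.Path;

public final class ExportPathGuard {
    // Hypothetical: the only directory export files may be written into.
    private final Path exportRoot;

    public ExportPathGuard(Path exportRoot) throws IOException {
        // Resolve symlinks once so later comparisons use the real location.
        this.exportRoot = exportRoot.toRealPath();
    }

    /** Returns the validated destination, or throws if it escapes exportRoot. */
    public Path resolve(String requestedName) throws IOException {
        Path candidate = exportRoot.resolve(requestedName).normalize();
        // Absolute names and "../" sequences land outside the root after normalize().
        if (!candidate.startsWith(exportRoot)) {
            throw new SecurityException("destination outside export directory");
        }
        // The parent must exist; resolving it catches symlinked subdirectories.
        Path realParent = candidate.getParent().toRealPath();
        if (!realParent.startsWith(exportRoot)) {
            throw new SecurityException("destination reached through a symlink");
        }
        Path target = realParent.resolve(candidate.getFileName());
        // Refuse existing files so an export can never overwrite anything.
        if (Files.exists(target, LinkOption.NOFOLLOW_LINKS)) {
            throw new SecurityException("destination already exists");
        }
        return target;
    }

    public static void main(String[] args) throws IOException {
        Path root = Files.createTempDirectory("exports"); // constructed sample directory
        ExportPathGuard guard = new ExportPathGuard(root);
        // Constructed sample names: one legitimate, two aimed at a properties file.
        String[] names = { "t1.del", "../derby.properties", "/tmp/derby.properties" };
        for (String name : names) {
            try {
                System.out.println("allowed:  " + guard.resolve(name));
            } catch (SecurityException e) {
                System.out.println("rejected: " + name + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

      Opening the returned path with StandardOpenOption.CREATE_NEW makes the no-overwrite rule atomic instead of relying on the existence check alone.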


            People

              Unassigned Unassigned
              djd Daniel John Debrunner