Derby / DERBY-2437

SYSCS_EXPORT_TABLE can be used to overwrite derby files

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Critical
    • Resolution: Fixed
    • Affects Version/s: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0, 10.3.1.4, 10.4.1.3
    • Fix Version/s: 10.3.1.4, 10.4.1.3
    • Component/s: None
    • Labels:
      None
    • Bug behavior facts:
      Regression, Security

      Description

      There are no controls over which files SYSCS_EXPORT_TABLE can write, thus allowing any user that has permission to execute the procedure to try and modify information that they have no permissions to do.

      In a similar fashion to the one described in DERBY-2436 I could overwrite derby.properties at least leading to a denial of service attack on the next re-boot.
      With more time it might be possible to write out a valid properties file which would allow changing the authentication, silently adding a new user etc.


              People

              • Assignee:
                Unassigned
                Reporter:
                djd Daniel John Debrunner