[DERBY-6636] The public api of BaseDataFileFactory may allow blackhats to assume elevated privileges. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: 10.11.1.1
Fix Version/s: 10.12.1.1
Component/s: Store
Labels:
- derby_backport_reject_10_11

Urgency:
Normal
Bug behavior facts:

Security

Description

BaseDataFileFactory has a public constructor and a public boot() method. Arbitrary code running in the JVM may be able to instantiate a BaseDataFileFactory outside of Derby's authentication mechanisms and so acquire the ability to read/update Derby-managed data with the privileges granted to Derby. Arbitrary code may be able to interfere with the normal operation of Derby and may be able to corrupt data.

This is just an observation based on casual code inspection. It may be that there are mechanisms in place which frustrate these attacks. I have not tried to exploit these potential vulnerabilities myself.

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

derby-6636-01-aa-usederbyinternals.diff
29/Sep/14 16:43
2 kB
Richard N. Hillegas

Activity

People

Assignee:: Richard N. Hillegas

Reporter:: Richard N. Hillegas

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 24/Jun/14 13:20

Updated:: 02/Oct/14 20:41

Resolved:: 29/Sep/14 18:52