db-derby-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Daniel John Debrunner (JIRA)" <j...@apache.org>
Subject [jira] Closed: (DERBY-2437) SYSCS_EXPORT_TABLE can be used to overwrite derby files
Date Thu, 10 Jan 2008 19:49:34 GMT

     [ https://issues.apache.org/jira/browse/DERBY-2437?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Daniel John Debrunner closed DERBY-2437.
----------------------------------------


> SYSCS_EXPORT_TABLE can be used to overwrite derby files
> -------------------------------------------------------
>
>                 Key: DERBY-2437
>                 URL: https://issues.apache.org/jira/browse/DERBY-2437
>             Project: Derby
>          Issue Type: Bug
>          Components: Security
>    Affects Versions: 10.0.2.0, 10.0.2.1, 10.1.1.0, 10.1.2.1, 10.1.3.1, 10.2.1.6, 10.2.2.0,
10.3.1.4, 10.4.0.0
>            Reporter: Daniel John Debrunner
>            Priority: Critical
>             Fix For: 10.3.1.4, 10.4.0.0
>
>
> here are no controls over which files SYSCS_EXPORT_TABLE can write, thus allowing any
user that has permission to execute the procedure to try and modufy information that they
have no permissions to do.
> In a similar fashion to the one described in DERBY-2436 I could overwrite derby.properties
at least leaqding to a dnial of service attack on the next re-boot.
> With more time it might be possible to write out a valid properties file which would
allow chaning the authentication, silentaly adding a new user etc.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message