SYSCS_EXPORT_TABLE can be used to overwrite derby files
-------------------------------------------------------
Key: DERBY-2437
URL: https://issues.apache.org/jira/browse/DERBY-2437
Project: Derby
Issue Type: Bug
Components: Security
Reporter: Daniel John Debrunner
Priority: Critical
There are no controls over which files SYSCS_EXPORT_TABLE can write, thus
allowing any user that has permission to execute the procedure to try and
modify information that they have no permissions to do.
In a similar fashion to the one described in DERBY-2436 I could overwrite
derby.properties at least leading to a denial of service attack on the next
re-boot.
With more time it might be possible to write out a valid properties file which
would allow changing the authentication, silently adding a new user etc.