|
 |
|
JBoss HSQLDB Database Vulnerability
|
|
|
|
|
Secunia Advisory:
|
SA9961
|
|
|
Release Date:
|
2003-10-08
|
|
|
Critical:
|
Moderately critical
|
|
Impact:
|
Manipulation of data
Exposure of sensitive information
DoS
System access
|
|
Where:
|
From local network
|
|
Solution Status:
|
Vendor Workaround
|
|
| Software: | JBoss AS 3.x
|
|
|
|
|
|
Description:
A vulnerability has been reported in JBoss, which can be exploited by malicious users to gain knowledge of sensitive information, manipulate logs, cause a DoS (Denial of Service) or compromise a vulnerable system.
The vulnerability exists in the SQL database "HSQLDB" used for managing JMS connections and is caused due to a combination of various errors in some classes in JDK and insecure default settings of JBoss. This can be exploited by sending a specially crafted sequence of SQL statements to port 1701/tcp (JBoss 3.2.1) or port 1476/tcp (JBoss 3.0.8).
Successful exploitation may in the worst case allow a malicious user to execute arbitrary code with the privileges of the JBoss Java process. This has, however, only been reported for Windows systems even though similar exploitation can't be ruled out on other platforms.
The vulnerability has been reported in versions 3.0.8 and 3.2.1 running on JDK 1.4.x. However, other versions may also be affected.
Solution:
Document containing guidelines for removing the default TCP/IP access to hsqldb:
http://sourceforge.net/docman/display_doc.php?docid=19314&group_id=22866
Provided and/or discovered by:
Marc Schoenefeld, www.illegalaccess.org
Original Advisory:
http://www.illegalaccess.org/
|
|
|
|
|
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise.
Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.
|
|
|
|
3 Related Secunia Security Advisories
|
|
|
1. JBoss DeploymentFileRepository Directory Traversal Vulnerability
|
|
2. JBoss "org.jboss.web.WebServer" Information Disclosure
|
|
3. JBoss JSP Source Disclosure Vulnerability
|
|
|
Send Feedback to Secunia
|
|
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com.
Ideas, suggestions, and other feedback are most welcome.
|
|
|
|
|
|
Secunia PSI
Scan | Patch | Track
Free Download
|
|
|
Secunia Poll
|
|
|
|
|
 |
|
|
Most Popular Advisories
|
|
|
|
|
|
