Oracle Java Virtual Machine .jsp and .sqljsp Arbitrary File Read

2001-02-12T00:00:00
ID OSVDB:5706
Type osvdb
Reporter OSVDB
Modified 2001-02-12T00:00:00

Description

Vulnerability Description

Oracle Java Virtual Machine (JVM) contains a flaw that may lead to an unauthorized information disclosure. The issue is triggered by inappropriate file permission settings within a web domain: FilePermission granted to <<ALL FILES>>. This permits arbitrary file disclosure via .jsp and .sqljsp, resulting in a loss of confidentiality.

Solution Description

Currently, there are no known upgrades or patches to correct this issue. It is possible to correct the flaw by implementing the following workaround: grant permission to the explicit document root file path only.

Manual Testing Notes

Insecure setting example:

call dbms_java.grant_permission('SCOTT', 'SYS:java.io.FilePermission', '<<ALL FILES>>','read');

Workaround example:

call dbms_java.grant_permission('SCOTT', 'SYS:java.io.FilePermission', '(document root directory path)','read');
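
To see what the two grant targets above actually authorise, here is an added Java check, not taken from the advisory, that evaluates the JVM's own java.io.FilePermission.implies() for the <<ALL FILES>> target and for a document-root-scoped target; the document root path and file names are constructed assumptions (Unix-style paths).

```java
import java.io.FilePermission;

/*
 * Added illustration, not part of the advisory. Compares what a
 * FilePermission granted for each target string authorises.
 * All paths below are constructed examples.
 */
public class FilePermissionScopeCheck {

    // Constructed document root and sample files; /etc/passwd stands
    // for any file outside the web content tree.
    static final String DOC_ROOT = "/u01/app/oracle/htdocs";
    static final String TOP      = DOC_ROOT + "/index.jsp";
    static final String NESTED   = DOC_ROOT + "/reports/summary.sqljsp";
    static final String OUTSIDE  = "/etc/passwd";

    /** True if a grant for 'target' (as used in dbms_java.grant_permission)
     *  would permit reading 'file'. */
    static boolean canRead(String target, String file) {
        FilePermission granted = new FilePermission(target, "read");
        FilePermission wanted  = new FilePermission(file, "read");
        return granted.implies(wanted);
    }

    public static void main(String[] args) {
        String[] targets = {
            "<<ALL FILES>>",     // the insecure grant from the advisory
            DOC_ROOT + "/-",     // document root and every subdirectory
            DOC_ROOT + "/*",     // files directly in the document root only
        };
        String[] files = { TOP, NESTED, OUTSIDE };
        for (String target : targets) {
            System.out.println("grant target: " + target);
            for (String file : files) {
                System.out.printf("  read %-45s -> %s%n", file, canRead(target, file));
            }
        }
    }
}
```

The "/-" and "/*" suffixes are standard FilePermission path syntax; choose the narrower one that still covers the pages the web domain must serve, since neither implies a path outside the document root.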

References:

Vendor Specific Solution URL: http://archives.neohapsis.com/archives/bugtraq/2001-02/0255.html
ISS X-Force ID: 6438
CVE-2001-0326