Vulnerabilities > CVE-2006-7217 - Remote Security vulnerability in Apache Derby 10.1.1.0/10.1.2.1/10.1.3.1

047910
CVSS 4.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
SINGLE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
low complexity
apache
nessus

Summary

Apache Derby before 10.2.1.6 does not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode.

Vulnerable Configurations

Part Description Count
Application
Apache
3

Nessus

NASL familySuSE Local Security Checks
NASL idSUSE_DERBY-4091.NASL
descriptionApache Derby did not determine schema privilege requirements during the DropSchemaNode bind phase, which allows remote authenticated users to execute arbitrary drop schema statements in SQL authorization mode. (CVE-2006-7217) This update also brings a new requirement of a Java 1.5 JRE.
last seen2020-06-01
modified2020-06-02
plugin id28224
published2007-11-15
reporterThis script is Copyright (C) 2007-2019 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/28224
titleopenSUSE 10 Security Update : derby (derby-4091)
code
#%NASL_MIN_LEVEL 80502

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from openSUSE Security Update derby-4091.
#
# The text description of this plugin is (C) SUSE LLC.
#

include("compat.inc");

if (description)
{
  script_id(28224);
  script_version ("1.10");
  script_cvs_date("Date: 2019/10/25 13:36:29");

  script_cve_id("CVE-2006-7217");

  script_name(english:"openSUSE 10 Security Update : derby (derby-4091)");
  script_summary(english:"Check for the derby-4091 patch");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote openSUSE host is missing a security update."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"Apache Derby did not determine schema privilege requirements during
the DropSchemaNode bind phase, which allows remote authenticated users
to execute arbitrary drop schema statements in SQL authorization mode.
(CVE-2006-7217)

This update also brings a new requirement of a Java 1.5 JRE."
  );
  script_set_attribute(attribute:"solution", value:"Update the affected derby package.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:opensuse:derby");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.1");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:opensuse:10.2");

  script_set_attribute(attribute:"patch_publication_date", value:"2007/08/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2007/11/15");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2007-2019 Tenable Network Security, Inc.");
  script_family(english:"SuSE Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/SuSE/release", "Host/SuSE/rpm-list");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release =~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "openSUSE");
if (release !~ "^(SUSE10\.1|SUSE10\.2)$") audit(AUDIT_OS_RELEASE_NOT, "openSUSE", "10.1 / 10.2", release);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);



flag = 0;

if ( rpm_check(release:"SUSE10.1", reference:"derby-10.3.1.4-0.2") ) flag++;
if ( rpm_check(release:"SUSE10.2", reference:"derby-10.3.1.4-0.1") ) flag++;

if (flag)
{
  if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
  else security_warning(0);
  exit(0);
}
else
{
  tested = pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "derby");
}