【Vulnerability Analysis】
- In pgjdbc before 42.3.3, an attacker (who controls the jdbc URL or properties) can call java.util.logging.FileHandler to write to arbitrary files through the loggerFile and loggerLevel connection properties. An example situation is that an attacker could create an executable JSP file under a Tomcat web root. NOTE: the vendor’s position is that there is no pgjdbc vulnerability; instead, it is a vulnerability for any application to use the pgjdbc driver with untrusted connection properties.
【Understanding】
- The vendor does not treat this as a pgjdbc bug. Its position is that whatever reaches getConnection (in particular the url argument and the connection Properties passed alongside it) must already have been security-filtered, and that the owner of the application is responsible for making sure untrusted data never flows into getConnection. In practice that means the JDBC URL and property set are an attack surface: loggerFile and loggerLevel are ordinary connection properties, so anyone who can append ?key=value pairs to the URL, or add entries to the Properties object, can choose the path the driver's java.util.logging.FileHandler writes to.
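The following is an added example (not pgjdbc code and not from the original note) showing the pattern the advisory warns about next to a hardened variant. The hardened variant rebuilds the URL and the Properties object from an allowlist of property names, so loggerFile and loggerLevel can never reach the driver. The allowlist contents, the class name, the host and the sample URLs are assumptions constructed for illustration; an application would allowlist only the properties it actually uses.

```java
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
import java.util.Properties;
import java.util.Set;

public class PgConnectionPropertyFilter {

    // Hypothetical allowlist for this application (constructed for the example,
    // not a pgjdbc list): only properties the code needs. loggerFile and
    // loggerLevel are deliberately absent.
    static final Set<String> ALLOWED_PROPERTIES = Set.of(
            "user", "password", "ssl", "sslmode", "ApplicationName", "connectTimeout");

    /** The pattern the advisory warns about: caller-controlled URL and properties reach the driver unchanged. */
    static Connection connectUnsafe(String untrustedUrl, Properties untrustedProps) throws SQLException {
        return DriverManager.getConnection(untrustedUrl, untrustedProps);
    }

    /** Hardened: both the URL query string and the Properties object are reduced to the allowlist first. */
    static Connection connectSafe(String untrustedUrl, Properties untrustedProps) throws SQLException {
        return DriverManager.getConnection(sanitizeJdbcUrl(untrustedUrl), sanitizeProperties(untrustedProps));
    }

    /** Rebuilds the URL keeping only allowlisted ?key=value pairs; any other key fails closed. */
    static String sanitizeJdbcUrl(String untrustedUrl) {
        if (!untrustedUrl.startsWith("jdbc:postgresql://")) {
            throw new IllegalArgumentException("not a PostgreSQL JDBC URL");
        }
        int q = untrustedUrl.indexOf('?');
        if (q < 0) {
            return untrustedUrl; // host/port/database only, no properties to filter
        }
        StringBuilder kept = new StringBuilder(untrustedUrl.substring(0, q));
        char sep = '?';
        for (String pair : untrustedUrl.substring(q + 1).split("&")) {
            if (pair.isEmpty()) {
                continue;
            }
            int eq = pair.indexOf('=');
            String key = eq < 0 ? pair : pair.substring(0, eq);
            // Exact match on the raw key: percent-encoded or otherwise unusual spellings
            // are not on the allowlist and are rejected rather than guessed at.
            if (!ALLOWED_PROPERTIES.contains(key)) {
                throw new IllegalArgumentException("connection property not allowed: " + key);
            }
            kept.append(sep).append(pair);
            sep = '&';
        }
        return kept.toString();
    }

    /** Copies only allowlisted keys into a fresh Properties object; any other key fails closed. */
    static Properties sanitizeProperties(Properties untrusted) {
        Properties clean = new Properties();
        if (untrusted == null) {
            return clean;
        }
        for (String key : untrusted.stringPropertyNames()) {
            if (!ALLOWED_PROPERTIES.contains(key)) {
                throw new IllegalArgumentException("connection property not allowed: " + key);
            }
            clean.setProperty(key, untrusted.getProperty(key));
        }
        return clean;
    }

    public static void main(String[] args) {
        // Constructed sample input: a caller-supplied URL smuggling the two properties named in the advisory.
        String hostile = "jdbc:postgresql://db.example.internal:5432/app"
                + "?user=app&sslmode=require&loggerLevel=DEBUG&loggerFile=/var/tmp/attacker-chosen.txt";
        String benign = "jdbc:postgresql://db.example.internal:5432/app?user=app&sslmode=require";

        System.out.println(sanitizeJdbcUrl(benign));
        try {
            sanitizeJdbcUrl(hostile);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }

        // The same smuggling attempt through the Properties argument of getConnection(url, props).
        Properties p = new Properties();
        p.setProperty("user", "app");
        p.setProperty("loggerFile", "/var/tmp/attacker-chosen.txt");
        try {
            sanitizeProperties(p);
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

Rejecting an unknown key (instead of silently dropping it) keeps the check visible in logs and avoids guessing at how the driver will interpret unusual spellings. Where possible the application should go further and not let callers supply the URL at all: host, database and credentials come from its own configuration, and only a small set of per-request options is accepted.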
【Fix Patch】