10 Database Security Threats Every IT Administrator Should Know

1
2
3
4
5
6
7
8
9
10
11
1 of 11

10 Database Security Threats Every IT Administrator Should Know

by Brian Prince

2 of 11

Default, Blank & Weak Username&47;Password

• Microsoft SQL Server Blank & Default Password• Default Oracle Username and Password• IBM DB2 Default Admin Password

3 of 11

SQL Injections

• SQL Injection Vulnerability in Oracle Database "SYS.DBMS_AQIN"• SQL injection vuln in Oracle 10gR1 database using SYS.DBMS_STREAMS_AUTH• SQL Injection in Oracle with ".ALTER_AUTOLOG_CHANGE_SOURCE" function

4 of 11

Extensive User & Group Privilege

• BUILTINAdministrator member of SYSADMIN fixed server role in MS SQLServer• Privileged Role Assignment in MS SQLServer• Oracle Account Root Privilege Escalation

5 of 11

Unnecessary Enabled Database Features

• Microsoft SQL Server Permission Granted on xp_cmdshell• Microsoft SQL Server xp_cmdshell Not Removed or Not Disabled• Microsoft SQL Server OLEDB Ad Hoc Query Allowed

6 of 11

Broken Configuration Management

• Sybase current audit table• Oracle Configuration Manager Installed on a production system• Microsoft SQL Server PPS configuration

7 of 11

Buffer Overflows

• SYS.OLAPIMPL_T.ODCITABLESTART Buffer Overflow in Oracle 9iR1 and 9iR2• EXECUTE privilege on DBMS_AQELM can lead to Buffer Overflow in Oracle DB• IBM Lotus Domino IMAP Cram-MD5 Buffer Overflow

8 of 11

Privilege Escalation

• SQL Injection in Oracle DBMS_AQIN allows users to escalate privilege• SQL Injection in Oracle AQADM_SYS allows users to escalate privilege• MySQL Privilege Escalation through RENAME statement

9 of 11

Denial of Service Attacks

• Oracle Denial of service DoS in SYS.KUPF$FILE_INT• MySQL Hello packet Denial of Service DoS• MySQL authenticated user Denial of Service DoS via federated engine

10 of 11

Unpatched Databases

• Oracle Critical Patch Update CPU• Latest Sybase patch not applied• MS SQL Server service pack and hot fix

11 of 11

Unencrypted Sensitive Data - at Rest and in Motion

• Oracle Network Encryption Required• Domino Server Full Text Indexed Field In Encrypted Database• Unencrypted listener password in Oracle

Top White Papers and Webcasts