
    SRB Vulnerability Reports
- SRB-2006-0001
 
-   A user from a remote SRB client with write permissions on an SRB server can
  read, write, and delete the same set of files on the SRB server as the srb
  operating system user (the user id that runs the SRB server).  The user cannot
  reach data stored in an SRB collection this way, but can access every other
  file that the srb user can access.  Any file, including scripts, logs, and
  configuration files, may be compromised.  Additionally, other sensitive system
  files may be read, such as /etc/passwd, which may aid in other attacks.
 
- SRB-2006-0002
 
-   A user with the ability to register files on the SRB server can subvert the
  access control mechanism to read, modify, and delete arbitrary SRB objects
  stored in an operating system file system on the SRB server.
 
- SRB-2006-0003
 
-   A user from a remote SRB client with write permissions on an SRB server can
  read, write, and delete the same set of files on the SRB server as the srb
  operating system user (the user id that runs the SRB server).  Any file,
  including SRB objects, scripts, logs, and configuration files, may be
  compromised.  Additionally, other sensitive system files may be read, such as
  /etc/passwd, which may aid in other attacks.  This is the case even if the
  checks for non-sysadmin SRB user types are functioning correctly.
 
- SRB-2006-0004
 
-   Users with any SRB account can elevate their privileges to an SRB
  administrator.  With this privilege, they can read, modify, and delete any
  data or metadata in the SRB.  They can also gain the ability to run code as
  the user account running the srbServer.  Depending on the configuration, they
  may also be able to gain access to the account running the database
  management system (DBMS) used by the SRB.
 
- SRB-2006-0005
 
-   A user with only the ability to connect to the TCP port on which the SRB
  server listens for client connections can create an SRB account.  No SRB
  account of any type, and no ticket, is required.  Once an SRB administrator
  account has been created, the user can also gain the ability to run code as
  the user account running the srbServer.  Depending on the configuration, they
  may also be able to gain access to the account running the database management
  system (DBMS) used by the SRB.
 
- SRB-2006-0006
 
-   A user with only the ability to connect to the TCP port on which the SRB
  server listens for client connections can alter the metadata stored in the
  SRB.  No SRB account of any type, and no ticket, is required.  This may result
  in a denial of service of the SRB server.