ABSTRACT

Applets that perform JDBC database operations in an untrusted environment can compromise database credentials.

EXPLANATION

By default, Java Applets are allowed to open database connections back to the server from which they are downloaded. In a trusted environment this is acceptable; in an untrusted environment, however, an attacker can use the Applet to discover the database credentials and ultimately gain direct access to the database.


Example 1: The following code shows a hardcoded database password being used in an applet.


import java.awt.Graphics;
import java.sql.*;
import javax.swing.JApplet;

public class CustomerServiceApplet extends JApplet
{
    private Connection conn;

    public void paint(Graphics g)
    {
        ...
        // The username and password are compiled into bytecode that every client downloads.
        try {
            conn = DriverManager.getConnection("jdbc:mysql://db.example.com/customerDB", "csr", "p4ssw0rd");
        } catch (SQLException e) { ... }
        ...
    }
}


Users of an Applet with hardcoded JDBC credentials can easily discover the credentials, since the Applet code is downloaded to the client and can be inspected there. Furthermore, if the database connection is made over an unencrypted channel, anyone capable of sniffing traffic on the network can also obtain the credentials. Finally, allowing users to connect directly to a database reveals the presence of a publicly accessible database server, which allows attackers to target the database for direct network attacks.
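The remediation this explanation points to, as an added example that is not part of this write-up: the applet holds no credentials and calls a servlet on its own origin, and the servlet container supplies the database connection through a JNDI DataSource whose credentials are configured on the server. The servlet name, the /customer path, the jdbc/customerDB resource and the customers table are assumptions.

```java
import java.io.*;
import java.net.*;
import java.sql.*;
import javax.naming.InitialContext;
import javax.naming.NamingException;
import javax.servlet.ServletException;
import javax.servlet.http.*;
import javax.sql.DataSource;
import javax.swing.JApplet;

// Server side: the only component that can reach the database.
// Assumed names: CustomerLookupServlet mapped to /customer, JNDI resource jdbc/customerDB.
public class CustomerLookupServlet extends HttpServlet {
    @Override
    protected void doGet(HttpServletRequest req, HttpServletResponse resp)
            throws ServletException, IOException {
        String id = req.getParameter("id");
        if (id == null || !id.matches("\\d{1,10}")) {        // accept only a numeric id
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        try {
            // Credentials live in the container's resource definition, never in bytecode.
            DataSource ds = (DataSource) new InitialContext().lookup("java:comp/env/jdbc/customerDB");
            try (Connection conn = ds.getConnection();
                 PreparedStatement ps = conn.prepareStatement("SELECT name FROM customers WHERE id = ?")) {
                ps.setLong(1, Long.parseLong(id));
                try (ResultSet rs = ps.executeQuery()) {
                    resp.setContentType("text/plain");
                    if (rs.next()) resp.getWriter().println(rs.getString("name"));
                }
            }
        } catch (NamingException | SQLException e) {
            log("customer lookup failed", e);                 // details stay in the server log
            resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
    }
}

// Client side: the applet talks to its own code base (served over HTTPS) and never sees a JDBC URL or password.
class CustomerServiceApplet extends JApplet {
    String lookupName(String id) throws IOException {
        URL url = new URL(getCodeBase(), "customer?id=" + URLEncoder.encode(id, "UTF-8"));
        try (BufferedReader in = new BufferedReader(new InputStreamReader(url.openStream(), "UTF-8"))) {
            return in.readLine();
        }
    }
}
```

Because the applet only ever reaches the application server, the database server no longer needs to be reachable from client networks at all.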

REFERENCES

[1] Standards Mapping - Common Weakness Enumeration - (CWE) CWE ID 305

[2] JDBC Guide: Getting Started - Security Considerations Sun Microsystems, Inc.