JAAS is All You Need: Reviving JDBC Again and Again
Zhou Ji'an, Zhu Ying, lzy | TBC
Abstract
Java Database Connectivity (JDBC) is a Java-based API that enables Java applications to interact with various relational databases. It provides a standard set of interfaces and classes for connecting to databases, executing SQL queries, and retrieving results. JDBC is widely utilized in enterprise applications for data manipulation and retrieval, offering database-independent access through a unified framework.
JDBC vulnerabilities are not new. As early as 2019, researchers introduced the concept of JDBC attacks at BlackHat Europe, in a talk titled 'New Exploit Technique in Java Deserialization Attack.' To be candid, recent JDBC vulnerabilities primarily stem from specific components with implementation issues. For instance, the vulnerabilities in the MySQL JDBC driver affect only MySQL itself and do not impact PostgreSQL, since the PostgreSQL driver has no corresponding code.
However, today we will share a new JDBC attack that affects a wide range of JDBC drivers, all stemming from the same underlying flaw. Its root cause lies in how the drivers use the Java Authentication and Authorization Service (JAAS), which affects numerous vendors, including Amazon, Cloudera, IBM, and Microsoft.
In this session, we will share the story behind this, including how we gained inspiration, how we discovered the vulnerabilities, and the specific impacts of these vulnerabilities.
The Speaker(s)

Zhou Ji'an
Ji'an Zhou is a Security Engineer at Alibaba Cloud. He focuses on Java security and cloud-native security, and his work has helped many high-profile vendors improve the security of their products, including Amazon, Cloudera, IBM, Microsoft, and Oracle. He has previously spoken at BlackHat and Zer0Con.

Zhu Ying
TBA

Lzy
TBA