Název

Popis

Port

Excessive privileges

When users (or applications) are granted database privileges that exceed the requirements of their job function, these privileges may be used to gain access to confidential information. For example, a university administrator whose job requires read-only access to student records may take advantage of excessive update privileges to change grades.

Privilege abuse

Users may abuse legitimate data access privileges for unauthorized purposes. For example, a user with privileges to view individual patient records via a custom healthcare application client may abuse that privilege to retrieve all patient records via a MS-Excel client.

Unauthorized privilege elevation

Attackers may take advantage of vulnerabilities in database management software to convert low-level access privileges to high-level access privileges. For example, an attacker might take advantage of a database buffer overflow vulnerability to gain administrative privileges

Platform vulnerabilities

Vulnerabilities in underlying operating systems may lead to unauthorized data access and corruption. For example, the Blaster worm took advantage of a Windows 2000 vulnerability to take down target servers.

SQL injection

SQL injection attacks involve a user who takes advantage of vulnerabilities in front-end web applications and stored procedures to send unauthorized database queries, often with elevated privileges. Using SQL injection, attackers could even gain unrestricted access to an entire database.

Weak audit

Weak audit policy and technology represent risks in terms of compliance, deterrence, detection, forensics and recovery.

Denial of service

Denial of service (DoS) may be invoked through many techniques. Common DoS techniques include buffer overflows, data corruption, network flooding and resource consumption. The latter is unique to the database environment and frequently overlooked

Database protocol vulnerabilities

Vulnerabilities in database protocols may allow unauthorized data access, corruption or availability. For example, the SQL Slammer worm took advantage of a Microsoft SQL Server protocol vulnerability to execute attack code on target database servers.

Weak authentication

Weak authentication schemes allow attackers to assume the identity of legitimate database users. Specific attack strategies include brute force attacks, social engineering, and so on

Exposure of backup data

Some recent high profile attacks have involved theft of database backup tapes and hard disks.