OpenLink Virtuoso SQL Injection Vulnerability Leading to Denial-of-Service

Vulnerability

A denial-of-service vulnerability has been identified in OpenLink Virtuoso Open Source 7.2.11. The flaw lies in the 'sqlo_df' routine of the SQL query compiler: a specially crafted SQL statement that reaches it is not adequately validated, and processing it crashes the server process. Exploitation requires the ability to submit SQL to the server, either directly over an authenticated SQL session or indirectly through an application that forwards attacker-controlled input into a statement (the injection case named in the title). The issue was reproduced against the Virtuoso Docker image by executing the crafted statement through the isql command-line client.

Impact

A successful request crashes the Virtuoso server process, which takes down every service it hosts (SQL, SPARQL and HTTP endpoints) until it is restarted. Because the trigger is a single statement, an attacker who retains SQL access can resubmit it after each restart and keep the instance unavailable. The entry reports no impact beyond availability.

Reproduction

Reproduction requires a crafted SQL statement that reaches the unchecked path in 'sqlo_df'; save it to a file. Remove any existing Docker container named 'virtdb_test', then start a fresh container from the Virtuoso 7.2.11 image with 'dba' as the dba password and wait until the SQL listener accepts connections. Execute the file with the isql command-line client as the dba user. The server process terminates while processing the statement and isql reports a lost connection, which is the denial-of-service condition. Confirm the crash from the container state or the server log rather than from the isql error alone, since a closed connection can also result from a benign timeout.
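The procedure above as a small harness script. This is an added example, not part of the entry and not OpenLink tooling. It assumes, hypothetically, since none of this is stated on the page, the Docker Hub image openlink/virtuoso-opensource-7 with a 7.2.11 tag, that image's DBA_PASSWORD environment variable, and isql listening on port 1111 inside the container. The crafted statement is not published in the entry and is not reproduced here; the script takes it from a file you supply.

```shell
#!/bin/sh
# Reproduction harness for the sqlo_df crash (added example; not from the advisory
# or from OpenLink). Assumptions not stated on the page, all hypothetical:
#   - the Docker Hub image openlink/virtuoso-opensource-7 and its 7.2.11 tag,
#   - that image's DBA_PASSWORD environment variable,
#   - isql listening on port 1111 inside the container.
# The crafted SQL statement is not published in the entry and is not reproduced
# here: supply your own file as the first argument. DRY_RUN=1 prints each docker
# command instead of executing it, so the workflow can be reviewed offline.
set -eu

NAME="${NAME:-virtdb_test}"                                # container name from the advisory
IMAGE="${IMAGE:-openlink/virtuoso-opensource-7:7.2.11}"   # assumed image/tag
DBA_PW="${DBA_PW:-dba}"                                    # password from the advisory
DRY_RUN="${DRY_RUN:-0}"

# Execute a command, or print it when DRY_RUN=1.
run() {
    if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Step 1: discard any stale container of the same name; absence is not an error.
cleanup_container() {
    run docker rm -f "$NAME" 2>/dev/null || true
}

# Step 2: start a fresh 7.2.11 server (detached) with the dba password.
start_container() {
    run docker run -d --name "$NAME" -e DBA_PASSWORD="$DBA_PW" "$IMAGE"
}

# Step 3: poll the SQL listener with a harmless status() call until it accepts logins.
wait_ready() {
    tries="${1:-30}"; i=0
    while [ "$i" -lt "$tries" ]; do
        if run docker exec "$NAME" isql 1111 dba "$DBA_PW" exec="status();" >/dev/null 2>&1; then
            return 0
        fi
        i=$((i + 1)); sleep 2
    done
    echo "server did not become ready after $tries attempts" >&2
    return 1
}

# Step 4: copy the crafted statement in and run it through isql. When the server
# dies mid-statement isql exits non-zero; that must not abort the harness before
# the survival check runs, hence the trailing || true.
run_sql() {
    run docker cp "$1" "$NAME:/tmp/payload.sql"
    run docker exec "$NAME" isql 1111 dba "$DBA_PW" /tmp/payload.sql || true
}

# Step 5: the server is the container's main process, so a crash stops the
# container. Prints "true" while it is still running, "false" otherwise.
container_running() {
    run docker inspect -f '{{.State.Running}}' "$NAME" 2>/dev/null || echo false
}

# Map the running flag to a verdict string (kept separate so it can be tested).
verdict() {
    case "$1" in
        true) echo "alive: server survived the statement" ;;
        *)    echo "crashed: server process exited, denial of service reproduced" ;;
    esac
}

main() {
    [ $# -eq 1 ] || { echo "usage: $0 <crafted.sql>" >&2; return 2; }
    cleanup_container
    start_container
    wait_ready 30
    run_sql "$1"
    sleep 2                      # give a dying process time to exit
    state=$(container_running)
    verdict "$state"
    if [ "$state" != "true" ]; then
        run docker logs --tail 20 "$NAME"   # crash message from the server log
    fi
}

if [ $# -gt 0 ]; then main "$@"; fi
```

Run it as `sh repro.sh crafted.sql`; `DRY_RUN=1 sh repro.sh crafted.sql` prints the docker commands without touching the host. The verdict is taken from the container state rather than from isql's exit code, because isql also exits non-zero on an ordinary connection timeout.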

Remediation

Upgrade to the latest OpenLink Virtuoso release, in which the issue has been addressed. Until the upgrade is possible, reduce exposure: do not expose the SQL listener (port 1111 by default) beyond trusted networks, replace the default 'dba' password, grant SQL access only to accounts and applications that need it, and run the server under a supervisor that restarts it, which shortens each outage but does not remove the vulnerability.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

  Metric          Score
  spread            3.1
  impact            2.5
  exploitability    6.1
  remediation       0.0
  relevance         0.0
  threat            6.4
  urgency           2.9
  incentive         1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.