Method to Restict Client Driver Minimum Version

Since many early versions of the client drivers are harmful to the CIS/TDV servers, it would be nice to enforce a minimum client version to prevent DoS attacks. I had discovered and documented how a misconfigured csjdbc.jar driver can cause a denial of service attack on the server by simply having an incorrect keystore password configured. This was true for csjdbc.jar files versions 7.0.0 through 7.0.4 and was only corrected in csjdbc.jar 7.0.4.00.04.

If the server could prevent old clients from connecting (instead of harming the server) then this would help identify applications using old drivers.

Attach files

Enter a subject

This document (including, without limitation, any product roadmap or statement of direction data) illustrates the planned testing, release and availability dates for Spotfire products and services. It is for informational purposes only and its contents are subject to change without notice. Planning to implement - generally 6-12 months out. Likely to Implement - generally means 12-18 months out. Copyright © 2014-2023 Cloud Software Group, Inc. All Rights Reserved. Cloud Software Group, Inc. ("Company") follows the EU Standard Contractual Clauses as per the Company's Data Processing Agreement. Terms of Use | Privacy Policy | Trademarks | Patents | Contact Us

Please enter your email address

RELATED IDEAS

Method to Restict Client Driver Minimum Version