Optional feature not implemented (Error 106)

B

Brian Krahmer

I'm having a terrible time trying to get this query working with certain
data. I've gotten about 4000 rows into my table, but I've run into 2 so far
that will not go in using ODBC (jdbc). If I cut and paste this into an sql
query window in access, it works fine. To make matters worse, there appears
to be a bug in the driver so that when this error happens, the session will
no longer work for ANY queries. I have an MSDN Pro subscription, but the
phone hold time is outrageous right now.

Query:
INSERT INTO bid (bt_id, title, obj_id, cls_id, remote, local,
published_date, updated_date, discussion, exploit, solution, credit) VALUES
(5035, 'Wolfram Research webMathematica File Disclosure Vulnerability', 11,
5, 1, 0,
#6/17/2002#, #6/17/2002#, ' Wolfram Research''s webMathematica is a Java
based product which allows the inclusion of Mathematica content in a web
environment. It includes CGI programs which generate image content based on
user supplied input.
A file disclosure vulnerability has been reported with the MSP CGI program.
A file name parameter supplied by the user is not properly validated. The
inclusion of "../" character sequences allows the attacker to escape the web
root, and view arbitrary system files.', ' An example URL has been provided
by Andrew
Badr
<[email protected]>:http://www.domain.com/webMathematica/MSP?MSPStoreID
=../../../../../etc/passw
d&MSPStoreType=image/gif', ' Reportedly, Wolfram Research has resolved this
issue in the current version of webMathematica. Customers are advised to
contact Wolfram Research for update information.', ' Message: Directory
Traversal in Wolfram Research''s webMathematica Web page: webMathematica
Homepage
(Wolfram Research)');

Are there other special characters other than (') which I need to escape?
The sql tracing log shows the following info:
BIDS" 604-63c ENTER SQLExecDirect
HSTMT 02CD21E8
UCHAR * 0x07DE8A78 [ -3] "INSERT INTO bid (bt_id, title,
obj_id, cls_id, remote, local, published_date, updated_date, discussion,
exploit, solution, credit) VALUES (5035, 'Wolfram Research webMathematica
File Disclosure Vulnerability', 11, 5, 1, 0, #6/17/2002#, #6/17/2002#, '
Wolfram Research''s webMathematica is a Java based product which allows the
inclusion of Mathematica content in a web environment. It includes CGI
programs which generate image content based on user supplied input.\ d\ a\
d\ aA file disclosure vulnerability has been reported with the MSP CGI
program. A file name parameter supplied by the user is not properly
validated. The inclusion of "../" character sequences allows the attacker to
escape the web root, and view arbitrary system files.', ' An example URL has
been provided by Andrew Badr <[email protected]>:\ d\ a\ d\
ahttp://www.domain.com/webMathematica/MSP?MSPStoreID=../../../../../etc/pass
wd&MSPStoreType=image/gif', ' Reportedly, Wolfram Research has resolved this
issue in the current version of webMathematica. Customers are advised to
contact Wolfram Research for update information.', ' Message: Directory
Traversal in Wolfram Research''s webMathematica Web page: webMathematica
Homepage\ d\ a(Wolfram Research)')\ 0"
SDWORD -3
BIDS" 604-63c EXIT SQLExecDirect with return code -1 (SQL_ERROR)
HSTMT 02CD21E8
UCHAR * 0x07DE8A78 [ -3] "INSERT INTO bid (bt_id, title,
obj_id, cls_id, remote, local, published_date, updated_date, discussion,
exploit, solution, credit) VALUES (5035, 'Wolfram Research webMathematica
File Disclosure Vulnerability', 11, 5, 1, 0, #6/17/2002#, #6/17/2002#, '
Wolfram Research''s webMathematica is a Java based product which allows the
inclusion of Mathematica content in a web environment. It includes CGI
programs which generate image content based on user supplied input.\ d\ a\
d\ aA file disclosure vulnerability has been reported with the MSP CGI
program. A file name parameter supplied by the user is not properly
validated. The inclusion of "../" character sequences allows the attacker to
escape the web root, and view arbitrary system files.', ' An example URL has
been provided by Andrew Badr <[email protected]>:\ d\ a\ d\
ahttp://www.domain.com/webMathematica/MSP?MSPStoreID=../../../../../etc/pass
wd&MSPStoreType=image/gif', ' Reportedly, Wolfram Research has resolved this
issue in the current version of webMathematica. Customers are advised to
contact Wolfram Research for update information.', ' Message: Directory
Traversal in Wolfram Research''s webMathematica Web page: webMathematica
Homepage\ d\ a(Wolfram Research)')\ 0"
SDWORD -3
DIAG [S1C00] [Microsoft][ODBC Microsoft Access Driver]Optional feature not
implemented (106)

TIA!
brian
 
M

[MVP] S. Clark

Go to google.com. Click on Groups.

Enter, "Optional feature not implemented".

There are mulitple responses.

--
HTH,

Steve Clark, Access MVP
FMS, Inc.
Professional Solutions Group
http://www.FMSInc.com
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Is your Access database too slow?
Are you ready to upgrade to SQL Server?
Contact us for optimization and/or upsizing!
http://www.FMSInc.com/consulting
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Brian Krahmer said:
I'm having a terrible time trying to get this query working with certain
data. I've gotten about 4000 rows into my table, but I've run into 2 so far
that will not go in using ODBC (jdbc). If I cut and paste this into an sql
query window in access, it works fine. To make matters worse, there appears
to be a bug in the driver so that when this error happens, the session will
no longer work for ANY queries. I have an MSDN Pro subscription, but the
phone hold time is outrageous right now.

Query:
INSERT INTO bid (bt_id, title, obj_id, cls_id, remote, local,
published_date, updated_date, discussion, exploit, solution, credit) VALUES
(5035, 'Wolfram Research webMathematica File Disclosure Vulnerability', 11,
5, 1, 0,
#6/17/2002#, #6/17/2002#, ' Wolfram Research''s webMathematica is a Java
based product which allows the inclusion of Mathematica content in a web
environment. It includes CGI programs which generate image content based on
user supplied input.
A file disclosure vulnerability has been reported with the MSP CGI program.
A file name parameter supplied by the user is not properly validated. The
inclusion of "../" character sequences allows the attacker to escape the web
root, and view arbitrary system files.', ' An example URL has been provided
by Andrew
Badr
Click to expand...
=../../../../../etc/passw
d&MSPStoreType=image/gif', ' Reportedly, Wolfram Research has resolved this
issue in the current version of webMathematica. Customers are advised to
contact Wolfram Research for update information.', ' Message: Directory
Traversal in Wolfram Research''s webMathematica Web page: webMathematica
Homepage
(Wolfram Research)');

Are there other special characters other than (') which I need to escape?
The sql tracing log shows the following info:
BIDS" 604-63c ENTER SQLExecDirect
HSTMT 02CD21E8
UCHAR * 0x07DE8A78 [ -3] "INSERT INTO bid (bt_id, title,
obj_id, cls_id, remote, local, published_date, updated_date, discussion,
exploit, solution, credit) VALUES (5035, 'Wolfram Research webMathematica
File Disclosure Vulnerability', 11, 5, 1, 0, #6/17/2002#, #6/17/2002#, '
Wolfram Research''s webMathematica is a Java based product which allows the
inclusion of Mathematica content in a web environment. It includes CGI
programs which generate image content based on user supplied input.\ d\ a\
d\ aA file disclosure vulnerability has been reported with the MSP CGI
program. A file name parameter supplied by the user is not properly
validated. The inclusion of "../" character sequences allows the attacker to
escape the web root, and view arbitrary system files.', ' An example URL has
been provided by Andrew Badr <[email protected]>:\ d\ a\ d\
ahttp://www.domain.com/webMathematica/MSP?MSPStoreID=../../../../../etc/pass
wd&MSPStoreType=image/gif', ' Reportedly, Wolfram Research has resolved this
issue in the current version of webMathematica. Customers are advised to
contact Wolfram Research for update information.', ' Message: Directory
Traversal in Wolfram Research''s webMathematica Web page: webMathematica
Homepage\ d\ a(Wolfram Research)')\ 0"
SDWORD -3
BIDS" 604-63c EXIT SQLExecDirect with return code -1 (SQL_ERROR)
HSTMT 02CD21E8
UCHAR * 0x07DE8A78 [ -3] "INSERT INTO bid (bt_id, title,
obj_id, cls_id, remote, local, published_date, updated_date, discussion,
exploit, solution, credit) VALUES (5035, 'Wolfram Research webMathematica
File Disclosure Vulnerability', 11, 5, 1, 0, #6/17/2002#, #6/17/2002#, '
Wolfram Research''s webMathematica is a Java based product which allows the
inclusion of Mathematica content in a web environment. It includes CGI
programs which generate image content based on user supplied input.\ d\ a\
d\ aA file disclosure vulnerability has been reported with the MSP CGI
program. A file name parameter supplied by the user is not properly
validated. The inclusion of "../" character sequences allows the attacker to
escape the web root, and view arbitrary system files.', ' An example URL has
been provided by Andrew Badr <[email protected]>:\ d\ a\ d\
ahttp://www.domain.com/webMathematica/MSP?MSPStoreID=../../../../../etc/pass
wd&MSPStoreType=image/gif', ' Reportedly, Wolfram Research has resolved this
issue in the current version of webMathematica. Customers are advised to
contact Wolfram Research for update information.', ' Message: Directory
Traversal in Wolfram Research''s webMathematica Web page: webMathematica
Homepage\ d\ a(Wolfram Research)')\ 0"
SDWORD -3
DIAG [S1C00] [Microsoft][ODBC Microsoft Access Driver]Optional feature not
implemented (106)

TIA!
brian
Click to expand...
 
Top