|
Family: Databases --> Category: infos
Oracle 9iAS DAD Admin interface Vulnerability Scan
Vulnerability Scan Summary Tests for presence of Oracle9iAS DAD Admin interface
Detailed Explanation for this Vulnerability Test
In a default installation of Oracle 9iAS, it is possible to access the
mod_plsql DAD Admin interface. Access to these pages should be restricted.
Solution:
Edit the wdbsvr.app file, and change the setting 'administrators=' to
named users who are allowed admin rights.
Reference : http://online.securityfocus.com/archive/1/155881
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|