|
Family: Databases --> Category: infos
Oracle Database 9i/10g Fine Grained Audit Logging Failure Vulnerability Vulnerability Scan
Vulnerability Scan Summary Checks for fine grained audit logging failure vulnerability in Oracle Database 9i/10g
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote database server may allow logging to be disabled.
Description :
The remote host is running a version of Oracle Database that,
according to its version number, suffers from a flaw in which Fine
Grained Auditing (FGA) becomes disabled when the user SYS runs a
SELECT statement.
See also :
http://www.nessus.org/u?7b7e6e40
http://archives.neohapsis.com/archives/bugtraq/2005-05/0044.html
Solution :
Apply the 10.1.0.4 patch set for Oracle 10g.
Risk Factor :
Low / CVSS Base Score : 1
(AV:R/AC:H/Au:R/C:N/A:N/I:P/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|