|
Family: Databases --> Category: infos
Oracle XSQLServlet XSQLConfig.xml File Vulnerability Scan
Vulnerability Scan Summary Tests for presence of XSQLConfig.xml
Detailed Explanation for this Vulnerability Test
It is possible to read the contents of the XSQLConfig.xml file which contains
sensitive information.
Solution:
Move this file to a safer location and update your servlet engine's
configuration file to reflect the change.
References:
http://www.nextgenss.com/papers/hpoas.pdf (Hackproofing Oracle9iAS)
http://www.oracle.com/
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.
|