Test |
Priority |
Handle |
Description |
Default Directory object NGSSDBCHK_DIR [C:\\oracle\\ora81\/inventory/ContentsXML] in use |
Medium |
CONF011 |
The default directory objects NGSSDBCHK_DIR (NGSSoftware Ltd.) exists. This directory is sometimes not deleted during a security scan of NGS Squirrel. This could be a security problem. Remove the directory if not needed. Solution: DROP DIRECTORY NGSSDBCHK_DIR |
Unlimited Sessions in Default Profile |
Medium |
CONF029 |
Every user can create an unlimited amount of database sessions. This could cause a D.o.S. problem |
Unlimited Failed Login Attempts in Default Profile |
Medium |
CONF030 |
Every user can try an unlimited amount of database logins. Solution: ALTER PROFILE [profile_name] LIMIT FAILED_LOGIN_ATTEMPTS [new_value] |
No Password Lock Time in Default Profile |
Medium |
CONF031 |
There is no password lock time. Solution: ALTER PROFILE [profile_name] LIMIT PASSWORD_LOCK_TIME UNLIMITED |
Connect Role-Create View |
Medium |
CONF038 |
The CONNECT role contains the CREATE VIEW privilege. This is not necessary for a normal connect to the database. You should revoke this privilege from the CONNECT role. Solution: REVOKE CREATE VIEW FROM "CONNECT" |
Connect Role-Create Table |
Medium |
CONF039 |
The CONNECT role contains the CREATE TABLE privilege. This is not necessary for a normal connect to the database. You should revoke this privilege from the CONNECT role. Solution: REVOKE CREATE TABLE FROM "CONNECT" |
Connect Role-Create Synonym |
Medium |
CONF040 |
The CONNECT role contains the CREATE SYNONYM privilege. This is not necessary for a normal connect to the database. You should revoke this privilege from the CONNECT role. Solution: REVOKE CREATE SYNONYM FROM "CONNECT" |
Connect Role-Create Database Link |
Medium |
CONF042 |
The CONNECT role contains the CREATE DATABASE LINK privilege. This is not necessary for a normal connect to the database. You should revoke this privilege from the CONNECT role. Solution: REVOKE CREATE DATABASE LINK FROM "CONNECT" |
Connect Role-Alter Session |
Medium |
CONF043 |
The CONNECT role contains the ALTER SESSION privilege. A user could use this privilege to dump sensitive information like passwords literals. Solution: REVOKE ALTER SESSION FROM CONNECT |
REMOTE_LOGIN_PASSWORDFILE IS set to [EXCLUSIVE] |
Medium |
CONF046 |
The init.ora parameter REMOTE_LOGIN_PASSWORDFILE is not set to NONE. This feature allows remote logins as SYSDBA. SYSDBA cannot be locked and can be used for bruteforce attacks |
O7_DICTIONARY_ACCESSIBILITY IS TRUE [TRUE] |
Medium |
CONF050 |
The init.ora parameter O7_DICTIONARY_ACCESSIBILITY is set to TRUE. This feature allows users with SELECT ANY TABLE to access all SYS objects. Solution: ALTER SYSTEM SET O7_DICTIONARY_ACCESSIBILITY=FALSE scope=spfile |
DBMS_SQL granted to PUBLIC |
High |
CONF066 |
The default package DBMS_SQL is granted to PUBLIC. This package allows is often used for privilege escalation.
Solution: REVOKE EXECUTE ON DBMS_SQL FROM PUBLIC |
DBMS_RANDOM granted to PUBLIC |
Medium |
CONF078 |
The default package DBMS_RANDOM is granted to PUBLIC. This package allows users to create random numbers.
Solution: REVOKE EXECUTE ON DBMS_RANDOM FROM PUBLIC |
DBMS_LOB granted to PUBLIC |
Medium |
CONF100 |
The default package DBMS_LOB is granted to PUBLIC. This package allows users to read files.
Solution: REVOKE EXECUTE ON DBMS_LOB FROM PUBLIC |
UTL_TCP granted to PUBLIC |
High |
CONF118 |
The default package UTL_TCP is granted to PUBLIC. This package allows TCP connection to other computers.
Solution: REVOKE EXECUTE ON UTL_TCP FROM PUBLIC |
UTL_HTTP granted to PUBLIC |
Medium |
CONF127 |
The default package UTL_HTTP is granted to PUBLIC. This package allows users to send HTTP requests.
Solution: REVOKE EXECUTE ON UTL_HTTP FROM PUBLIC |
UTL_SMTP granted to PUBLIC |
Medium |
CONF131 |
The default package UTL_SMTP is granted to PUBLIC. This package allows users to send emails via SMTP.
Solution: REVOKE EXECUTE ON UTL_SMTP FROM PUBLIC |
UTL_INADDR granted to PUBLIC |
Medium |
CONF134 |
The default package UTL_INADDR is granted to PUBLIC. This package allows users to retrieve host names and ip addresses from local and remote hosts.
Solution: REVOKE EXECUTE ON UTL_INADDR FROM PUBLIC |
dblink_encrypt_login=[FALSE] |
Medium |
CONF200 |
dblink_encrypt_login is set to unlimited. Solution: alter system set dblink_encrypt_login=TRUE |
MD is vulnerable against privilege escalation |
Critical |
VULN054 |
MDSYS.MD (8i) is vulnerable against SQL Injection. Solution: Apply the latest Oracle Critical Patch Update. [CVE-2005-3439] [CVSS10.0] |
DBMS_REPCAT_FLA is vulnerable |
Critical |
VULN072 |
SYS.DBMS_REPCAT_FLA (8i) is vulnerable against SQL Injection. Solution: Apply the latest Oracle Critical Patch Update |
Rootkit |
Critical |
BACKD0077 |
Number of sysdba user is different in v$pwfile_users and sys.user$. This could be an indication for a SYSDBA rootkit |
CTXSYS has a default password |
Critical |
DEFPW819 |
8Default password of unlocked user CTXSYS detected. Solution: alter user CTXSYS identified by newpw; |
DBSNMP has a default password |
Critical |
DEFPW832 |
8Default password of unlocked user DBSNMP detected. Solution: alter user DBSNMP identified by newpw; |
ORDPLUGINS has a default password |
Critical |
DEFPW1097 |
Default password of unlocked user ORDPLUGINS detected. Solution: alter user ORDPLUGINS identified by newpw; |
ORDSYS has a default password |
Critical |
DEFPW1098 |
Default password of unlocked user ORDSYS detected. Solution: alter user ORDSYS identified by newpw; |
OUTLN has a default password |
Critical |
DEFPW1101 |
Default password of unlocked user OUTLN detected. Solution: alter user OUTLN identified by newpw; |
SYS has a default password |
Critical |
DEFPW1297 |
Default password of unlocked user SYS detected. Solution: alter user SYS identified by newpw; |