Nessus Plugin #10660

Plugin Index

Note: This file has been created from a downloaded version of the Nessus Plugins from http://www.nessus.org/. Therefore, the information here can be outdated.

Oracle tnslsnr security

Family:

Misc.

Category:

infos

Copyright:

James W. Abendschan <jwa@jammed.com> (GPL)

Summary:

Determines if the Oracle tnslsnr has been assigned a password.

Version:

$Revision: 1.10 $

Cve_id:

-

Bugtraq_id:

-

Xrefs:

-

Description:

The remote Oracle tnslsnr has no password assigned.
An attacker may use this fact to shut it down arbitrarily,
thus preventing legitimate users from using it properly.

Solution: use the lsnrctrl SET PASSWORD command to assign a password to, the tnslsnr.
Risk factor : High