[Snort-sigs] rule documentation for WEB-MISC Oracle XSQLConfig.xml access

Josh.Sakofsky at ...1573... Josh.Sakofsky at ...1573...
Wed Jun 11 14:21:12 EDT 2003


Rule: WEB-MISC Oracle XSQLConfig.xml access

--
Sid: 1871

--
Summary: A remote user has attempted access to Oracle Application Server's 
XSQLConfig.xml configuration file.

--
Impact: Serious

--
Detailed Information: With the default installation of Oracle's 
Application Server, it is possible for an unauthorized user to view
the XSQLConfig.xml file. This file contains information such as the 
database server's name, user id's, and passwords.

--
Affected Systems: Oracle 9i Application Server

--
Attack Scenarios: An attacker can use this to find out information about 
the database and then use that information to compromise the server.

--
Ease of Attack: Easy

--
False Positives: None Known

--
False Negatives: None Known

--
Corrective Action: Apply appropriate permissions to the file.

--
Contributors: Original rule writer unknown.
              Josh Sakofsky
-- 
Additional References: 
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0568
                       http://cgi.nessus.org/plugins/dump.php3?id=10855
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.snort.org/pipermail/snort-sigs/attachments/20030611/7b40ed4e/attachment.html>


More information about the Snort-sigs mailing list