File: 1871.txt

package info (click to toggle)
snort 2.9.7.0-5
  • links: PTS, VCS
  • area: main
  • in suites: buster, sid, stretch
  • size: 55,000 kB
  • ctags: 38,464
  • sloc: ansic: 266,667; sh: 12,508; makefile: 2,908; yacc: 497; perl: 496; lex: 261; sed: 14
file content (64 lines) | stat: -rw-r--r-- 1,127 bytes parent folder | download | duplicates (6)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
Rule:

--
Sid:
1871

--
Summary:
This event is generated when an attempt is made to access an Oracle 
Application Server's XSQLConfig.xml configuration file.

--
Impact:
Serious

--
Detailed Information:
With the default installation of Oracle's  Application Server, it is 
possible for an unauthorized user to view the XSQLConfig.xml file. This 
file contains information such as the database server's name, user id's,
and passwords.

--
Affected Systems:
	Oracle 9i Application Server

--
Attack Scenarios:
An attacker can use this to find out information about the database and 
then use that information to compromise the server.

--
Ease of Attack:
Simple.

--
False Positives: 
None known.

--
False Negatives: 
None known.

--
Corrective Action:
Apply appropriate permissions to the file.

--
Contributors:
Sourcefire Research Team
Brian Caswell <bmc@sourcefire.com>
Nigel Houghton <nigel.houghton@sourcefire.com> 
Snort documentation contributed by Josh Sakofsky

-- 
Additional References:

CVE:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0568

Nessus:
http://cgi.nessus.org/plugins/dump.php3?id=10855

--