| VID |
14089 |
| Severity |
40 |
| Port |
22 |
| Protocol |
TCP |
| Class |
LSC |
| Detailed Description |
startWebLogic.sh which is the service daemon execution file of WebLogic Application Server is not safe for secuirty reasons.
startWebLogic.sh is a script file to start WebLogic Application Server. If there is permission to write to the file, Serious problems can occur for secuirty reason. Therefore, Restriction is necessary for non-administrative users to write.
* Platforms Affected:
UNIX, Linux |
| Recommendation |
Remove other user's write permissions from the file as the following
chmod o-w (if the group has write permission: g-w) ./startWebLogic.sh
ex) chmod o-w /u01/app/Oracle/Middleware/user_projects/domains/base_domain/bin/startWebLogic.sh
ex) chmod g-w /u01/app/Oracle/Middleware/user_projects/domains/base_domain/bin/startWebLogic.sh |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
