Korean

<< Back VID 14098 Severity 30 Port 22 Protocol TCP Class LSC Detailed Description The permission of main file such as configuration file, password file in ORACLE server on the host system is unsafe. The permission of files below $ORACLE_HOME should be set properly. $ORACLE_HOME/bin/oracle (permission 755) Below $ORACLE_HOME/bin (permission 755) sqlplus, sqlldr, sqlload, proc, oraenv, oerr, exp, imp, tkprof, tnsping, wrap Below $ORACLE_HOME/bin (permission 750) svrmgrl, lsnrctl, dbsnmp $ORACLE_HOME/nework (permission 755) Below $ORACLE_HOME/network/admin (permission 755) listener.ora, sqlnet.ora etc $ORACLE_HOME/lib (permission 755) Below $ORACLE_HOME/network/admin configuration file (permission 644) tnsnames.ora, protocol.ora, sqlpnet.ora $ORACLE_HOME/dbs/init.ora (permission 640) $ORACLE_HOME/dbs/init<SID>.ora (permission 640) * Platforms Affected: UNIX any version Linux any version Recommendation Set the below file's permission properly by executing the following command: # chmod 755 $ORACLE_HOME/bin/oracle # chmod 755 $ORACLE_HOME/bin/sqlplus, sqlldr, sqlload, proc, oraenv, oerr, exp, imp, tkprof, tnsping, wrap # chmod 750 $ORACLE_HOME/bin/svrmgrl, lsnrctl, dbsnmp # chmod 755 $ORACLE_HOME/nework # chmod 755 $ORACLE_HOME/network/admin/listener.ora, sqlnet.ora # chmod 640 $ORACLE_HOME/dbs/init.ora # chmod 640 $ORACLE_HOME/dbs/init<SID>.ora Related URL (CVE) Related URL (SecurityFocus) Related URL (ISS)