| VID |
25162 |
| Severity |
20 |
| Port |
1521, ... |
| Protocol |
TCP |
| Class |
DB |
| Detailed Description |
Unauthorized Object Owner exists in ORACLE server on the host system.
Object Owner must exist in DBA account and application's administrator account such as SYS, SYSTEM. Otherwise attacker can modify, delete the Object by using this vulnerability.
* Platforms Affected:
UNIX any version
Linux any version
Microsoft Windows any version |
| Recommendation |
Revoke the privilege by executing the following command:
SQL> REVOKE authority ON <object name> FROM <account> |
| Related URL |
(CVE) |
| Related URL |
(SecurityFocus) |
| Related URL |
(ISS) |
|
