Oracle Database password weakness
Added: 05/12/2009Background
Oracle Database is a relational database solution available for multiple platforms.Problem
The Oracle Database service has accounts with default or easily guessed passwords, which could allow an attacker to make unauthorized SQL queries.Resolution
Set a strong password for all database accounts.References
http://www.dba-oracle.com/t_passwords_locking_changing_expiring.htmLimitations
If successful, this exploit returns an SQL command shell, not an operating system command shell.Back to exploit index