Oracle Database Listener Program (tnslsnr) Service Blank Password

(C) 2001-2014 James W. Abendschan <> (GPL)

Synopsis :

The remote database service is not password-protected.

Description :

The remote Oracle Listener Program (tnslsnr) has no password assigned.
An attacker may use this fact to shut it down arbitrarily, thus
preventing legitimate users from using it.

Solution :

Use the lsnrctrl CHANGE_PASSWORD command to assign a password to the

Risk factor :

Medium / CVSS Base Score : 5.0

Family: Databases

Nessus Plugin ID: 10660 ()

Bugtraq ID: