4.2.6 Ensure 'EXECUTE' Is Revoked from 'PUBLIC' on 'DBMS_STREAMS_ADM_UTL'

Information

As use of the DBMS_STREAMS_ADM_UTL package could allow an unauthorized user to run SQL commands as user SYS.

Solution

To remediate this setting execute the following SQL statement. REVOKE EXECUTE ON DBMS_STREAMS_ADM_UTL FROM PUBLIC;

See Also

https://workbench.cisecurity.org/files/601

Item Details

Audit Name: CIS Oracle Server 11g R2 DB v2.2.0

Plugin: OracleDB

Control ID: 275f7167002b3cac3bc8730c68cb1ec0fb747844b672f285cb5581299c7fe36c