4.28 listener.ora - 'Use absolute paths in ENVS parameters'

Information

Allowing overly broad PATH and CLASSPATH variables could allow an attacker to leverage pathing issues and load malicious binaries or

See Also

https://workbench.cisecurity.org/files/580

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-7(2), CSCv6|8.4

Plugin: Unix

Control ID: 3f78d8fb29bb858fde77fae22c929a52f281a5a3297b61336fb6f25be546fae9