Oracle Database Listener Program (tnslsnr) Service Blank Password

(C) 2001-2014 James W. Abendschan <[email protected]> (GPL)

Synopsis :

The remote database service is not password-protected.

Description :

The remote Oracle Listener Program (tnslsnr) has no password assigned.
An attacker may use this fact to shut it down arbitrarily, thus
preventing legitimate users from using it.

Solution :

Use the lsnrctrl CHANGE_PASSWORD command to assign a password to the

Risk factor :

Medium / CVSS Base Score : 5.0

Family: Databases

Nessus Plugin ID: 10660 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now