Oracle Default SID

Info Nessus Plugin ID 22074

Synopsis

It was possible to identify databases on the remote host.

Description

The remote Oracle database server either contains one or more databases that use well-known System Identifiers (SIDs) or supports the 'services' command as a means of listing available SIDs on the affected system.

Since an Oracle SID serves to uniquely identify a particular database on a given host and is required when connecting to an Oracle database, an attacker can leverage these SIDs to attempt to access databases on the remote host.

Solution

Change any SIDs that are identified.

Plugin Details

Severity: Info

ID: 22074

File Name: oracle_default_sids.nbin

Version: 1.141

Type: remote

Family: Databases

Published: 2006/07/19

Updated: 2019/10/30

Dependencies: 22073

Risk Information

Risk Factor: Info

Vulnerability Information

CPE: cpe:/a:oracle:database_server