Summary
The remote Oracle tnslsnr has no password assigned.
An attacker may use this fact to shut it down arbitrarily, thus preventing legitimate users from using it properly.
Solution
use the lsnrctrl SET PASSWORD command to assign a password to, the tnslsnr.
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apple Safari JavaScript Implementation Information Disclosure Vulnerability (Windows)
- Adobe Reader Cross-Site Scripting & Denial of Service Vulnerabilities (Linux)
- Apache Tomcat Remote Code Execution Vulnerability - Sep14
- Apache Tomcat AJP Request Remote Denial Of Service Vulnerability
- Apache CouchDB Web Administration Interface Cross Site Scripting Vulnerability