Description

Oracle 10g Database Server stores the password for the SYSMAN account in cleartext in the world-readable emoms.properties file, which could allow local users to gain DBA privileges.

Remediation

References

CVE-2004-1366

Related Vulnerabilities

MySQL CVE-2022-21302 Vulnerability (CVE-2022-21302)

MySQL CVE-2020-14672 Vulnerability (CVE-2020-14672)

PHP Improper Input Validation Vulnerability (CVE-2007-4840)

WebLogic CVE-2024-21175 Vulnerability (CVE-2024-21175)

Apache HTTP Server Other Vulnerability (CVE-2000-0913)

Severity

Medium

Classification

CVE-2004-1366

Tags

Missing Update Known Vulnerabilities