Penetration Testing mailing list archives
Eexecute privilege to 'public' on tables owned by 'sys' in Orac le
From: "INA (V. Brahmanandam)" <BrahmanandamV () emiratesbank com>
Date: Mon, 30 Jul 2001 08:02:40 +0400
Hi all, In my current assignment of Oracle security review, I have noticed that the following tables owned by 'SYS' had 'execute' privilege granted to 'PUBLIC' . This privilege has been granted to the 'public' by default, when Oracle is installed, as I understand. I would like to know, if a general user in the database can make an undue use of this privilege. I would appreciate any one in this list, who had a chance to review this earlier, offer me some info on this. Thanks and Regards. Brahma <<EXECUTE PERMISSION FOR PUBLIC.txt>>
Attachment:
EXECUTE PERMISSION FOR PUBLIC.txt
Description:
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- Eexecute privilege to 'public' on tables owned by 'sys' in Orac le INA (V. Brahmanandam) (Jul 30)