• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Oracle Database Auditing Insecure Default Configuration Vulnerability

Oracle is a commercial relational database product. Oracle is available for the Unix, Linux, and Microsoft Windows platforms.

An insecurity exists in the default configuration of Oracle database. Oracle Auditing is disabled in the default install and must be enabled by the user of the products. Oracle Auditing provides an interface for accounting of specific database objects, operations, users, and privileges.

As a result malicious activity may go undetected.