Home » RDBMS Server » Security » EXTPROC
EXTPROC [message #171530] Wed, 10 May 2006 06:25 Go to next message
gajini
Messages: 262
Registered: January 2006
Senior Member
I didn't understand the concept of EXTPROC in listener.ora & tnsnames.ora.I studied that EXTPROC causes security vulnerability
Anyone explain me with an example,how EXTPROC causes security vulnerability.


Can anyone explain these lines also with an example which i read about EXTPROC,"malicious user can write an exploit that connects to an Oracle Database server’ s EXTPROC OS process without having to authenticate himself."

Report message to a moderator

Re: EXTPROC [message #181867 is a reply to message #171530] Wed, 12 July 2006 00:23 Go to previous message
nmacdannald
Messages: 460
Registered: July 2005
Location: Stockton, California - US...
Senior Member
I think EXTPROC allows an external program to be run using the database owner's authrization. I will check, but I was told to comment out the EXTPROC lines in the sqlnet.ora

Report message to a moderator

Previous Topic: how to connect after creating passwd file
Next Topic: Grant select any table, revoke specific table
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ]

Current Time: Sat Jan 18 04:20:25 CST 2025
.:: Forum Home :: Blogger Home :: Wiki Home :: Contact :: Privacy ::.