{"vuid":"VU#712723","idnumber":"712723","name":"Oracle 9iAS default configuration uses well-known default passwords","keywords":["Oracle 9iAS","default configuration","default passwords"],"overview":"Oracle Database Server version 9iAS installs with up to 160 distinct default login accounts. The usernames and passwords for these have been made publicly available and could be used by an attacker to gain access to an Oracle server.","clean_desc":"Depending on the components chosen at installation time, Oracle Database Server version 9iAS (and possibly other versions) includes in its default configuration as many as 160 accounts with known usernames and passwords. Many of the passwords are the same as the corresponding username, making it even easier for attackers to gain access. Additionally, some Oracle components include functionality that relies on the existence of the default logins with their default passwords.","impact":"Attackers may gain access to the Oracle server through a known default login account.","resolution":"Change passwords on Oracle's default login accounts. See the complete list of default logins in Appendix A of David Litchfield's white paper, \"Hackproofing Oracle Application Server,\" located at: http://www.nextgenss.com/papers/hpoas.pdf Be sure to consult Oracle documentation to learn whether changing passwords may disrupt Oracle functionality in your environment.","workarounds":"None.","sysaffected":"","thanks":"Thanks to David Litchfield for reporting this vulnerability.","author":"This document was written by Shawn Van Ittersum.","public":["h","t","t","p",":","/","/","w","w","w",".","n","e","x","t","g","e","n","s","s",".","c","o","m","/","p","a","p","e","r","s","/","h","p","o","a","s",".","p","d","f"],"cveids":[""],"certadvisory":"","uscerttechnicalalert":null,"datecreated":"2002-02-27T00:11:27Z","publicdate":"2002-01-10T00:00:00Z","datefirstpublished":"2002-02-27T00:07:10Z","dateupdated":"2002-02-27T00:25:54Z","revision":11,"vrda_d1_directreport":"","vrda_d1_population":"","vrda_d1_impact":"","cam_widelyknown":"15","cam_exploitation":"0","cam_internetinfrastructure":"10","cam_population":"15","cam_impact":"5","cam_easeofexploitation":"20","cam_attackeraccessrequired":"16","cam_scorecurrent":"11.25","cam_scorecurrentwidelyknown":"13.5","cam_scorecurrentwidelyknownexploited":"22.5","ipprotocol":"","cvss_accessvector":"","cvss_accesscomplexity":"","cvss_authentication":null,"cvss_confidentialityimpact":"","cvss_integrityimpact":"","cvss_availabilityimpact":"","cvss_exploitablity":null,"cvss_remediationlevel":"","cvss_reportconfidence":"","cvss_collateraldamagepotential":"","cvss_targetdistribution":"","cvss_securityrequirementscr":"","cvss_securityrequirementsir":"","cvss_securityrequirementsar":"","cvss_basescore":"","cvss_basevector":"","cvss_temporalscore":"","cvss_environmentalscore":"","cvss_environmentalvector":"","metric":11.25,"vulnote":null}