Ensure ‘extproc’ Is Not Present in ‘listener.ora’

Details

extproc should be removed from the listener.ora to mitigate the risk that OS libraries can be invoked by the Oracle instance.

Rationale:

extproc allows the database to run procedures from OS libraries. These library calls can, in turn, run any OS command.

Solution

To remediate this recommendation:
Remove extproc from the listener.ora file.

References:

http://docs.oracle.com/database/121/DBSEG/app_devs.htm#DBSEG656

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/2741

This security hardening control applies to the following category of controls within NIST 800-53: System and Information Integrity.This control applies to the following type of system Windows.

References

800-53|SI-4
CSCv6|18.9
CSCv7|9.2

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles