CVE-2004-1367

2004-08-04T00:00:00
ID CVE-2004-1367
Type cve
Reporter NVD
Modified 2016-10-17T22:53:35

Description

Oracle 10g Database Server, when installed with a password that contains an exclamation point ("!") for the (1) DBSNMP or (2) SYSMAN user, generates an error that logs the password in the world-readable postDBCreation.log file, which could allow local users to obtain that password and use it against SYS or SYSTEM accounts, which may have been installed with the same password.