|
AppDetective™ Update 5.2.3 - 22 December 2006
ENHANCEMENTS
Oracle - UPDATED CHECKS
- NEW! Critical Patch Update – October 2006
Examines if the database contains vulnerabilities described by Critical Patch Update – October 2006
Risk Level – High
- NEW! Auditing of Commands
Examines that the system-wide auditing of statements is configured in accordance with policy
Risk Level – Medium
- NEW! Listener Cleartext Password
Examines for the listener password being stored in clear text
Risk Level – Medium
- NEW! SNMP Unencrypted Password
Examines if the SNMP password is stored unencrypted in the snmp.ora or snmp_rw.ora file
Risk Level – Medium
- NEW! Require SSL Encryption
Examines if the server is configured to only allow encrypted connections using SSL
Risk Level – Medium
- NEW! Audit Trail Location
Examines if Oracle auditing is set to log audit data to the database or operating system files
Risk Level – Medium
- NEW! Roles Granted to PUBLIC
Examines for roles granted to PUBLIC. Roles are a used to group system and object privileges in the database. If a role is granted to a user, he inherits all privileges that have been granted to that role. Roles granted to PUBLIC are accessible to every user in the database.
Risk Level – Medium
- NEW! Logon Hours Validation
Examines audit logs for after hours connections. Security attacks often take place during non-business hours
Risk Level – Low
IBM DB2 UDB - UPDATED CHECKS
- UPDATED: Latest FixPak not installed
Updated to examine for latest FixPak
Risk Level – High
|
