Hi All
Recently i posted a note to this list about a document about Oracle
security that i wrote and its had quite a lot of feedback so i thought
people on this list might be interested in a new paper i have created on
all of the Oracle default users and passwords that i could find. There
are now 109 on the list. I still have some more area's to investigate so
there should be more to come.
The list is a table of usernames, passwords and hashes. Also included
with the paper is an SQL script that can be run in SQL*Plus to check if
any of the default users exist in the Oracle database and if the
passwords are still set to the default value.
I also intend this table to be a central list for Oracle default Users
and their defaults passwords. So please if anyone comes across any
usernames / passwords that i have not listed then please let me know.
The list and script is available at http://www.pentest-
limited.com/default-user.htm.
I would like to acknowledge Aaron Newman for letting me update my list
with usernames from his list that i did not have and David Litchfield
has also provided some names that i will add over the next couple of
days.
regards
Pete
--
Pete Finnigan
IT Security Consultant
PenTest Limited
Office 01565 830 990
Fax 01565 830 889
Mobile 07974 087 885
pete.finnigan_at_pentest-limited.com
www.pentest-limited.com
----------------------------------------------------------------------------
This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
Service. For more information on SecurityFocus' SIA service which
automatically alerts you to the latest security vulnerabilities please see:
https://alerts.securityfocus.com/
Received on Nov 05 2001
Intro
