Plaintext Storage of SYS Password in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6

Plaintext Storage of SYS Password in Oracle HTML DB (HTMLDB) 1.3 through 1.3.6

CVE-2005-3203 · MEDIUM Severity

AV:L/AC:L/AU:N/C:P/I:P/A:P

The manual installation of Oracle HTML DB (HTMLDB) 1.3 through 1.3.6 stores the SYS password in install.lst in plaintext, which allows local users to gain privileges.

Learn more about our User Device Pen Test.