TeamSHATTER

Threat Finder

Threat ID

2490

Threat Date

12/30/2011

Threat Name

Parameter SEC_USER_AUDIT_ACTION_BANNER not set

CVE Reference

CVE-NO-MATCH

CCE Reference

CCE-NO-MATCH

Risk

Informational

Database Type

Oracle

Category

Informational

Versions

Oracle 11 and up

Summary

A banner should be set to warn a user about the possible audit actions that are taken when using the system. Set this parameter to the complete path to the file that contains the warning text.

Overview

Oracle enables the capability to set up a banner text to warn users that their connections are being audited. To configure these banners to display, set the SEC_USER_AUDIT_ACTION_BANNER sqlnet.ora parameter on the database server side to point to a text file that contains the banner information, and modify the client application to call OCI_ATTR_AUDIT_BANNER to retrieve audit banner text from the server.

References

http://docs.oracle.com/cd/E11882_01/network.112/e10835/sqlnet.htm#NETRF182
http://oracle.su/docs/11g/network.112/e10835/sqlnet.htm#BIIICDCD

VMSKey

STIGID

Additional information including fix script information is available in the licensed versions of Application Security's DbProtect and AppDetectivePro solutions.