2.1.2 Ensure 'extproc' Is Not Present in 'listener.ora'

Information

extproc should be removed from the listener.ora to mitigate the risk that OS libraries can be invoked by the Oracle instance.

Rationale:

extproc allows the database to run procedures from OS libraries. These library calls can, in turn, run any OS command.

Solution

To remediate this recommendation:
Remove extproc from the listener.ora file.

References:

http://docs.oracle.com/database/121/DBSEG/app_devs.htm#DBSEG656

See Also

https://workbench.cisecurity.org/files/2741

Item Details

Category: SYSTEM AND INFORMATION INTEGRITY

References: 800-53|SI-4, CSCv6|18.9, CSCv7|9.2

Plugin: Windows

Control ID: 6c29b3dcfb4ac6a15330207d86cf7fda7f00809bb209f32e986a391774951fa0