Insecure Configuration File Permissions For INITDCSDTRS Service
(Doc ID 2979675.1)
Last updated on MAY 02, 2024
Applies to:
Oracle Cloud Infrastructure - Exadata Cloud Service - Version N/A to N/A [Release N/A]
Information in this document applies to any platform.
Symptoms
Summary: Insecure configuration file permissions for INITDCSDTRS service could lead to privilege escalation
Description:
The configuration file for the INITDCSDTRS service (/etc/systemd/system/initdcsdtrs.service) is owned by the oracle user and is writable by that user.
-rw-r--r-- 1 oracle oinstall 708 Sep 21 14:49 /etc/systemd/system/initdcsdtrs.service
The oracle user can add the ExecStartPost option to the file to define a script that will run as the root user after the service is started.
Since the script is executed only after the service starts, the attacker will have to restart the service or restart the host.
Severity / CVSSv3 Score (Original): Medium / 6.2
• Possibly all hosts that use the same INITDCSDTRS service system configuration are affected
Recommended Remediation:
Change the owner of /etc/systemd/system/initdcsdtrs.service to root.
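A check for the condition described above, as an added example that is not part of the original Oracle document: it reports unit files that are not owned by root or that are group/world writable. It goes beyond the single file named here by walking all of /etc/systemd/system, including drop-in .conf files; the function names and the trusted_uid parameter are assumptions of this example.

```python
#!/usr/bin/env python3
"""Added example: flag systemd unit files a non-root account could modify."""
import os
import stat
import sys

UNIT_SUFFIXES = (".service", ".socket", ".timer", ".path", ".mount")


def audit_unit_file(path, trusted_uid=0):
    """Return a list of findings for one unit file (empty list means OK)."""
    try:
        st = os.stat(path)  # follows symlinks, so enabled-unit links are resolved
    except OSError as exc:
        return [f"cannot stat: {exc.strerror}"]
    if not stat.S_ISREG(st.st_mode):
        return []  # e.g. a masked unit is a symlink to /dev/null
    findings = []
    if st.st_uid != trusted_uid:
        findings.append(f"owner uid {st.st_uid} is not {trusted_uid}")
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        findings.append(f"mode {stat.S_IMODE(st.st_mode):04o} is group/world writable")
    return findings


def audit_unit_dir(unit_dir="/etc/systemd/system", trusted_uid=0):
    """Walk unit_dir and return {path: findings} for every file with findings."""
    results = {}
    for root, _dirs, files in os.walk(unit_dir):
        in_dropin = root.endswith(".d")  # foo.service.d/*.conf can also set ExecStartPost
        for name in sorted(files):
            if name.endswith(UNIT_SUFFIXES) or (in_dropin and name.endswith(".conf")):
                path = os.path.join(root, name)
                findings = audit_unit_file(path, trusted_uid)
                if findings:
                    results[path] = findings
    return results


if __name__ == "__main__":
    # Optional first argument: directory to audit instead of the default.
    report = audit_unit_dir(*sys.argv[1:2])
    for path, findings in report.items():
        print(f"{path}: {'; '.join(findings)}")
    sys.exit(1 if report else 0)
```

The script exits with status 1 when any file is flagged, so it can be used as a periodic compliance check.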
Cause