STIGQter: STIG Summary: Oracle HTTP Server 12.1.3 Security Technical Implementation Guide Version: 1 Release: 7 Benchmark Date: 24 Jul 2020: STIGQter: STIG Summary: Oracle HTTP Server 12.1.3 Security Technical Implementation Guide Version: 1 Release: 7 Benchmark Date: 24 Jul 2020:SV-79111r1_rule
V-64621
SRG-APP-000516-WSR-000174
OH12-1X-000234
CAT I
10
1. At shell prompt, set "ORACLE_HOME" environment variable to $ORACLE_HOME location and export the variable.
2. At shell prompt, set "PATH" environment variable to "$ORACLE_HOME/ohs/bin:$ORACLE_HOME/bin:$ORACLE_HOME/perl/bin:$PATH" and export the variable.
3a. If AIX OS, at shell prompt, set "LIBPATH" environment variable to "$ORACLE_HOME/lib:$LIBPATH" and export the variable.
3b. If HP-UX OS, at shell prompt, set "SHLIB_PATH" environment variable to "$ORACLE_HOME/lib:$SHLIB_PATH" and export the variable.
3c. If Solaris OS, at shell prompt, set "LD_LIBRARY_PATH" environment variable to "$ORACLE_HOME/lib32:$LD_LIBRARY_PATH" and export the variable.
3d. If Linux or Other Unix OS, at shell prompt, set "LD_LIBRARY_PATH" environment variable to "$ORACLE_HOME/lib:$LD_LIBRARY_PATH" and export the variable.
4. Change the present working directory to "$ORACLE_HOME/ohs/bin" (e.g., cd $ORACLE_HOME/ohs/bin).
5. For each .conf file found to be at fault, execute dadTool.pl script (e.g., "perl dadTool.pl -f $DOMAIN_HOME/config/fmwconfig/compoennts/OHS/<componentName>/mod_plsql/dads.conf").
1. As required, open $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf and every .conf file (e.g., dads.conf) included in it with an editor.
2. Search for the "PlsqlDatabasePassword" directive.
3. If the directive is set in clear text, this is a finding.
V-64621
False
OH12-1X-000234
1. As required, open $DOMAIN_HOME/config/fmwconfig/components/OHS/<componentName>/httpd.conf and every .conf file (e.g., dads.conf) included in it with an editor.
2. Search for the "PlsqlDatabasePassword" directive.
3. If the directive is set in clear text, this is a finding.
M
2753