Vulnerability   
Search   
    Search 202850 CVE descriptions
and 87302 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.150433
Category:Policy
Title:GaussDB Kernel: Disabling the Permission to Copy Files on the Server
Summary:The enable_copy_server_files parameter allows users with the sysadmin;permission to copy files on the server. However, sensitive files may be viewed or modified by unauthorized users during remote copy operations. Therefore, disable;this configuration for databases in the production environment. The default value;of this parameter is off, which indicates that only the initial user is allowed to;execute the COPY FROM FILENAME or COPY TO FILENAME statement.
Description:Summary:
The enable_copy_server_files parameter allows users with the sysadmin
permission to copy files on the server. However, sensitive files may be viewed or modified by unauthorized users during remote copy operations. Therefore, disable
this configuration for databases in the production environment. The default value
of this parameter is off, which indicates that only the initial user is allowed to
execute the COPY FROM FILENAME or COPY TO FILENAME statement.

CVSS Score:
0.0

CVSS Vector:
AV:L/AC:H/Au:S/C:N/I:N/A:N

CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 87302 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2021 E-Soft Inc. All rights reserved.