Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Nmap NSE net: oracle-enum-users
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Attempts to enumerate valid Oracle user names against unpatched Oracle 11g servers (this bug was fixed in Oracle's October 2009 Critical Patch Update). SYNTAX: userdb: The filename of an alternate username database. passdb: The filename of an alternate password database. tns.sid: specifies the Oracle instance to connect to unpwdb.userlimit: The maximum number of usernames 'usernames' will return (default unlimited). unpwdb.passlimit: The maximum number of passwords 'passwords' will return (default unlimited). oracle-enum-users.sid: the instance against which to attempt user enumeration unpwdb.timelimit: The maximum amount of time that any iterator will run before stopping. The value is in seconds by default and you can follow it with 'ms', 's', 'm', or 'h' for milliseconds, seconds, minutes, or hours. For example, 'unpwdb.timelimit=30m' or 'unpwdb.timelimit=.5h' for 30 minutes. The default depends on the timing template level (see the module description). Use the value '0' to disable the time limit.