What determines a 'Powerful User' when running the report 'Powerful Users' against an Oracle endpoin (NETIQKB45217)

  • 7745217
  • 02-Feb-2007
  • 08-Sep-2008

Resolution

goal
What determines a 'Powerful User' when running the report 'Powerful Users' against an Oracle endpoint?

fact
VigilEnt Security Manager 4.1

fact
VigilEnt Security Agent for Oracle 2.0

fact
NetIQ Vulnerability Manager 5.0

fact
NetIQ Vulnerability Manager 5.5

fix

When running the 'Powerful Users' report against an Oracle endpoint, a 'Powerful User' is defined as follows:

  1. A user having DBA,SYSDBA or SYSOPER role(s).
  2. A user having any of the following privileges:
    • ADMINISTER DATABASE TRIGGER
    • ADMINISTER SECURITY
    • ALTER ANY DIMENSION
    • ALTER ANY LIBRARY
    • ALTER ANY ROLE
    • ALTER ANY SECURITY PROFILE
    • ALTER ANY TABLE
    • ALTER ANY TRIGGER
    • ALTER DATABASE
    • ALTER PROFILE
    • ALTER SYSTEM
    • ALTER TABLESPACE
    • ALTER USER
    • AUDIT ANY
    • AUDIT SYSTEM
    • BACKUP ANY TABLE
    • BECOME USER
    • CREATE ANY CONTEXT
    • CREATE ANY LIBRARY
    • CREATE ANY SECURITY PROFILE
    • CREATE ANY TRIGGER
    • CREATE LIBRARY
    • CREATE PROFILE
    • CREATE ROLE
    • CREATE SECURITY PROFILE
    • CREATE USER
    • DELETE ANY TABLE
    • DEQUEUE ANY QUEUE
    • DROP ANY CLUSTER
    • DROP ANY CONTEXT
    • DROP ANY DIMENSION
    • DROP ANY DIRECTORY
    • DROP ANY INDEX
    • DROP ANY INDEXTYPE
    • DROP ANY LIBRARY
    • DROP ANY OPERATOR
    • DROP ANY OUTLINE
    • DROP ANY PROCEDURE
    • DROP ANY ROLE
    • DROP ANY SECURITY PROFILE
    • DROP ANY SEQUENCE
    • DROP ANY SNAPSHOT
    • DROP ANY SYNONYM
    • DROP ANY TABLE
    • DROP ANY TRIGGER
    • DROP ANY TYPE
    • DROP ANY VIEW
    • DROP PROFILE
    • DROP PUBLIC DATABASE LINK
    • DROP PUBLIC SYNONYM
    • DROP ROLLBACK SEGMENT
    • DROP TABLESPACE
    • DROP USER
    • ENQUEUE ANY QUEUE
    • EXECUTE ANY LIBRARY
    • EXECUTE ANY PROCEDURE
    • EXEMPT ACCESS POLICY
    • GLOBAL QUERY REWRITE
    • GRANT ANY PRIVILEGE
    • GRANT ANY ROLE
    • INSERT ANY TABLE
    • LOCK ANY TABLE
    • MANAGE ANY QUEUE
    • MANAGE TABLESPACE
    • READUP
    • READUP DBHIGH
    • RESTRICTED SESSION
    • SELECT ANY DICTIONARY
    • SELECT ANY TABLE
    • SYSDBA
    • SYSOPER
    • UPDATE ANY TABLE
    • WRITEDOWN
    • WRITEDOWN DBLOW
    • WRITEUP
    • WRITEUP DBHIGH


Additional Information

Formerly known as NETIQKB45217