Discussions
Stay up-to-date with the latest news from NetSuite. You’ll be in the know about how to connect with peers and take your business to new heights at our virtual, in-person, on demand events, and much more.
Now is the time to ask your NetSuite-savvy friends and colleagues to join the NetSuite Support Community! Refer now! Click here to watch and learn more!
Update your Profile with your Support type to get your Support Type badge.
Expand your NetSuite knowledge by joining our Ask A Guru Live sessions. RSVP on this event now.
Uncover the power of data with the Analytics Hub —your ultimate guide to mastering NetSuite Saved Searches and Reports. Simplify the complex and unlock your organization's true potential. Dive into the Analytics Hub now and soar to new heights!
To help you get the most out of your 2025.2 Release Preview account, review the topics outlined in the 2025.2 Release Preview Guide.
SuiteWorld October 6 - 9, 2025: Agenda Builder is live!

Read on for the latest updates including:
• Agenda Builder launch
• SuiteWorld On Air registration
• New NetSuite Prompt Studio Contest
• And more!

Check out this thread to learn more!
Going to SuiteWorld? Connect with SuiteGurus—Your NetSuite Product Experts!

Don’t miss your chance to meet our SuiteGurus—NetSuite Support professionals and subject matter experts with extensive experience in select product areas, including OneWorld, Advanced & Basic Accounting, Supply Chain Management, Receivables & Payables, CRM, Account Administration, and the SuiteCloud Platform. Full Conference attendees can prebook exclusive 30-minute one-on-one sessions for your product questions.
Spots are limited! Register through your Agenda Builder and find SuiteGuru under Agenda Enhancements.

McAfee Vulnerability !!!

edited Dec 3, 2019 3:07PM in General 10 comments

Netsuite Team,

We have recently had the McAfee scan for our website for customers security sake.

It has given one security vulnerability as following:

Name : Oracle 9iAS Dynamic Monitoring Services

Category : SQL - Database

Impact : Information Disclosure

Description:

In a default installation of Oracle 9iAS, it is possible to access the Dynamic Monitoring Services pages anonymously. Access to these pages should be restricted.

http://DOMAIN/dms0

General Solution:

Edit the httpd.conf file to restrict access to /dms0.

Additional Information:
The default configuration of Oracle 9i Application Server 1.0.2.x allows remote anonymous users to access sensitive services without authentication, including Dynamic Monitoring Services (1) dms0, (2) dms/DMSDump, (3) servlet/DMSDump, (4) servlet/Spy, (5) soap/servlet/Spy, and (6) dms/AggreSpy; and Oracle Java Process Manager (7) oprocmgr-status and (8) oprocmgr-service, which can be used to control Java processes.

Howdy, Stranger!

Log In

To view full details, sign in.

Register

Don't have an account? Click here to get started!

Leaderboard

Community Whiz

Quarter 3 (Jul-Sep 2025)

This Week's Leaders

This Month's Leaders

All Time Leaders