CVE-2012-1675

描述:

The remote Oracle TNS listener allows service registration from a remote host. An attacker can exploit this issue to divert data from a legitimate database server or client to an attacker-specified system. 

Successful exploits will allow the attacker to manipulate database instances, potentially facilitating man-in-the-middle, session- hijacking, or denial of service attacks on a legitimate database server.
Solution
Apply the workaround in Oracle's advisory.

11.2.0.4之前的版本:文档 ID 1453883.1

https://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html

官方解决方案:

https://support.oracle.com/epmos/faces/DocumentDisplay?id=1453883.1&_adf.ctrl-state=1cccli0s0m_58&_afrLoop=187866224239338

 

11.2.0.4及之后的版本:文档 ID 1600630.1

https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=263047357032932&parent=DOCUMENT&sourceId=1453883.1&id=1600630.1&_afrWindowMode=0&_adf.ctrl-state=55qj5an8p_199

单机的话,就直接在listener.ora文件末尾添加一句话:(listener_name要改成自己监听的名字)

VALID_NODE_CHECKING_REGISTRATION_listener_name=ON

之后重启:

IMPORTANT NOTE: A restart (not reload) of the listener process will be necessary after making the changes to VNCR in the listener.ora file:
LSNRCTL>set current_listener listener_name
LSNRCTL>stop
LSNRCTL>start

你可能感兴趣的:(oracle)