Oracle Database Server 'TNS Listener'远程数据投毒漏洞(CVE-2012-1675)
一、解决方案
-
RAC:My Oracle Support Note 1340831.1
-
非 RAC:My Oracle Support Note 1453883.1
二、简单举例:非 RAC 操作步骤,1453883.1文档中
解决方案分两种
-
Restricting registration to the TCP protocol (Requires the fix for BUG:12880299)
-
Restricting registration to the IPC protocol (The patch for BUG:12880299 is NOT required for the IPC method)
本例采用第一种方式修复bug
-
Obtain and apply the patch for bug:12880299.
此处建议打最新的PSU -
添加"SECURE_REGISTER_[listener_name] = (TCP)"
LISTENER_PROD = (DESCRIPTION_LIST = (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.66.101)(PORT = 1521)) )) SECURE_REGISTER_LISTENER_PROD = (TCP)
-
重启监听
-
设置local_listener 参数
-
注册监听
SQL> alter system register;