Oracle Database Server 'TNS Listener'远程数据投毒漏洞(CVE-2012-1675)
一、解决方案
RAC:My Oracle Support Note 1340831.1
非 RAC:My Oracle Support Note 1453883.1
二、简单举例:非 RAC 操作步骤,1453883.1文档中解决方案分两种
Restricting registration to the TCP protocol (Requires the fix for BUG:12880299)
Restricting registration to the IPC protocol (The patch for BUG:12880299 is NOT required for the IPC method)
本例采用第一种方式修复bug
Obtain and apply the patch for bug:12880299.
此处建议打最新的PSU
添加"SECURE_REGISTER_[listener_name] = (TCP)"
LISTENER_PROD=(DESCRIPTION_LIST=(DESCRIPTION=(ADDRESS=(PROTOCOL=TCP)(HOST=192.168.66.101)(PORT=1521))))SECURE_REGISTER_LISTENER_PROD=(TCP)
重启监听
设置local_listener 参数
注册监听
SQL>altersystemregister;
声明:本站所有文章资源内容,如无特殊说明或标注,均为采集网络资源。如若本站内容侵犯了原著者的合法权益,可联系本站删除。
