Oracle TNS Poison Vulnerability

A record from when I fixed this issue (alert-cve-2012-1675-1608180: Oracle Security Alert for CVE-2012-1675), my own part pulled straight out of Sent Items:


http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html

 

I think that's a known security issue, as follows [alert-cve-2012-1675-1608180 Oracle Security Alert for CVE-2012-1675]:

Affected Products and Versions
· Oracle Database 11g Release 2, versions 11.2.0.2, 11.2.0.3
· Oracle Database 11g Release 1, version 11.1.0.7
· Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5

Solution

Recommendations for protecting against this vulnerability can be found at:
· My Oracle Support Note 1340831.1 for Oracle Database deployments that use Oracle Real Application Clusters (RAC).
· My Oracle Support Note 1453883.1 for Oracle Database deployments that do not use RAC.
Please note that Oracle has added Oracle Advanced Security SSL/TLS to the Oracle Database Standard Edition license when used with the Real Application Clusters and Oracle has added Oracle Advanced Security SSL/TLS to the Enterprise Edition Real Application Clusters (Oracle RAC) and RAC One Node options so that the directions provided in the Support Notes referenced above can be applied by all Oracle customers without additional cost.
Note: Please refer to the Oracle licensing documentation available on Oracle.com regarding licensing changes that allow Oracle Advanced Security SSL/TLS to be used with Oracle SE Oracle Real Application Clusters and Oracle Enterprise Edition Real Application Clusters (Oracle RAC) and Oracle RAC One Node Options.
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply this Security Alert solution as soon as possible.
 




Better than using workarounds is to patch the vulnerability [CVE-2012-1675].

However, you could do as follows if you were concerned about restarting Oracle:


Possible workarounds
--------------------

There are many possible workarounds. The easier one is to set the following parameter in the listener.ora configuration file: dynamic_registration = off.

But, sometimes, you don't want to apply this workaround. For example, if you have an Oracle RAC cluster, all the cluster's instances must be registered in both TNS Listeners, so this workaround is not suitable for Oracle RAC clusters. To apply this workaround with Oracle RAC environments one needs to implement load balancing at the client side, changing all the clients' tnsnames.ora configuration files to add the complete list of Oracle RAC nodes.

However, there is another possible workaround that, sometimes, is suitable for Oracle RAC environments. Edit the file protocol.ora or, for older versions, sqlnet.ora, at the server side and add the following directives:

  TCP.VALIDNODE_CHECKING = YES
  TCP.INVITED_NODE = (Comma,separated,list,of,ALL,valid,clients, ...)

But, anyway, this workaround doesn't prevent valid clients from being used as proxies. Valid clients can still exploit the vulnerability regardless of the VALIDNODE_CHECKING directive added, as the client is a valid node.

Then again, there is one more suitable workaround: if the customer bought (and enabled) the Oracle Advanced Security feature, clients can be configured to use SSL/TLS. Thus, at both client and server side, the following parameters must be changed in protocol.ora or sqlnet.ora:

  Client side: SQLNET.ENCRYPTION_CLIENT=REQUIRED
  Server side: SQLNET.ENCRYPTION_SERVER=REQUIRED

The value of these configuration directives must be REQUIRED and not REQUESTED, as is pretty common; otherwise the attacker can answer the connection attempt by answering that no SSL cipher is supported at the server side (as the attacker's controlled box is, for the client, the trusted database server) and the client will reconnect without using SSL.




Here is more information about it:

http://seclists.org/fulldisclosure/2012/Apr/204

 

Then I did it the easy way...

 

suneng23:/export/home/sfuser>lsnrctl

LSNRCTL for Solaris: Version 11.2.0.3.0 - Production on 28-FEB-2014 02:05:56

Copyright (c) 1991, 2011, Oracle.  All rights reserved.

Welcome to LSNRCTL, type "help" for information.

LSNRCTL> set dynamic_registration off
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
LISTENER parameter "dynamic_registration" set to OFF
The command completed successfully
LSNRCTL> set save_config_on_stop on
Connecting to (ADDRESS=(PROTOCOL=tcp)(HOST=)(PORT=1521))
LISTENER parameter "save_config_on_stop" set to ON
The command completed successfully
LSNRCTL> exit
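To verify the workarounds above (the sqlnet.ora/protocol.ora directives and the dynamic-registration change the lsnrctl session saves to listener.ora) after the fact, here is an added audit script that is not part of the original post or of Oracle's tooling. It assumes the usual "KEY = VALUE" file syntax, assumes listener.ora spells the saved parameter DYNAMIC_REGISTRATION_<listener name>, and runs only against constructed sample files.

```shell
# Added example (not from the page): audit Oracle Net config files for the
# CVE-2012-1675 workarounds, in plain POSIX sh + awk. Assumption: listener.ora
# names the parameter DYNAMIC_REGISTRATION_<listener name>.
# cfg_get KEY FILE -> value of KEY (key matched case-insensitively, "#"
# comments stripped, whitespace removed, upper-cased), empty if absent.
cfg_get() {
  awk -v key="$(printf '%s' "$1" | tr 'A-Z' 'a-z')" '
    { line = $0; sub(/#.*/, "", line); n = index(line, "=")
      if (n == 0) next
      k = substr(line, 1, n - 1); gsub(/[[:space:]]/, "", k)
      if (tolower(k) == key) {
        v = substr(line, n + 1); gsub(/[[:space:]]/, "", v)
        print toupper(v); exit } }' "$2"
}

# REQUESTED is the trap the post warns about: a fake listener declines the
# cipher and the client silently falls back to cleartext. Only REQUIRED passes.
encryption_is_required()   { [ "$(cfg_get "SQLNET.ENCRYPTION_$2" "$1")" = REQUIRED ]; }
validnode_checking_on()    { [ "$(cfg_get TCP.VALIDNODE_CHECKING "$1")" = YES ]; }
dynamic_registration_off() { [ "$(cfg_get "DYNAMIC_REGISTRATION_$2" "$1")" = OFF ]; }

# audit SQLNET_FILE LISTENER_FILE LISTENER_NAME -> exit status = number of failed checks
audit() {
  fails=0
  for side in SERVER CLIENT; do
    encryption_is_required "$1" "$side" ||
      { echo "WARN: SQLNET.ENCRYPTION_$side is not REQUIRED in $1"; fails=$((fails + 1)); }
  done
  validnode_checking_on "$1" ||
    { echo "WARN: TCP.VALIDNODE_CHECKING is not YES in $1"; fails=$((fails + 1)); }
  dynamic_registration_off "$2" "$3" ||
    { echo "WARN: DYNAMIC_REGISTRATION_$3 is not OFF in $2"; fails=$((fails + 1)); }
  return "$fails"
}

# Constructed sample files (not from any real deployment).
TMP=$(mktemp -d)
cat > "$TMP/sqlnet_weak.ora" <<'EOF'
SQLNET.ENCRYPTION_CLIENT = requested   # the common setting; falls back to cleartext
TCP.VALIDNODE_CHECKING = no
EOF
cat > "$TMP/sqlnet_hard.ora" <<'EOF'
SQLNET.ENCRYPTION_SERVER = REQUIRED
SQLNET.ENCRYPTION_CLIENT = REQUIRED
TCP.VALIDNODE_CHECKING = YES
EOF
cat > "$TMP/listener.ora" <<'EOF'
DYNAMIC_REGISTRATION_LISTENER = OFF
EOF
audit "$TMP/sqlnet_weak.ora" "$TMP/listener.ora" LISTENER || echo "weak config: $? check(s) failed"
audit "$TMP/sqlnet_hard.ora" "$TMP/listener.ora" LISTENER && echo "hardened config: all checks passed"
```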


