How to fix TNS Poison Vulnerability Issue (CVE-2012-1675) for 11g Express Edition

That depends......and “SECURE_REGISTER_LISTENER = (IPC)” work-around...

Using the IPC workaround should NOT interrupt "normal" client connections. Did you also set the IPC keyname in listener.ora AND listener_local database server init.ora parameter?

Before any changes, I successfully registered a remote windows XE db to a linux XE db listener, showing my linux db was vulnerable to the poison attack.

(lsnrctl services on the linux db server showed a "REMOTE SERVER" entry).

Applying the following changes stopped the exploit from being carried out:

listener.ora of 11.2 linux XE db to disallow remote db registering:

# listener.ora Network Configuration File:

SID_LIST_LISTENER =
  (SID_LIST =
    (SID_DESC =
      (SID_NAME = PLSExtProc)
      (ORACLE_HOME = /u01/app/oracle/product/11.2.0/xe)
      (PROGRAM = extproc)
    )
  )

LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
      (ADDRESS = (PROTOCOL = TCP)(HOST = oraserver)(PORT = 1512))
    )
  )

DEFAULT_SERVICE_LISTENER = (XE)
SECURE_REGISTER_LISTENER = (IPC)

I bounced the listener (lsnrctl stop,... lsnrctl start)

Then configured linux xe db local_listener parameter:

SQL> ALTER SYSTEM SET local_listener='(DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC_FOR_XE)))' SCOPE=BOTH;
system altered

...and tried to re-register windows XE db...

SQL> ALTER SYSTEM SET remote_listener ='...' SCOPE=MEMORY;
system altered
SQL> ALTER SYSTEM REGISTER;
system altered

Checked linux XE listener.log... and it had

19-JAN-2017 16:03:28 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport

showing failed register attempts from a "remote" db. Also running "lsnrctl services" on the linux server, there was no "REMOTE SERVER" listed.

Also tested a remote client connection via sqlplus:

F:\> sqlplus name/[email protected]> select * from v$version;

BANNER
--------------------------------------------------------------------------------
Oracle Database 11g Express Edition Release 11.2.0.2.0 - 64bit Production
PL/SQL Release 11.2.0.2.0 - Production
CORE    11.2.0.2.0      Production
TNS for Linux: Version 11.2.0.2.0 - Production
NLSRTL Version 11.2.0.2.0 - Production

In conclusion, the above steps worked for me in securing an Oracle 11 XE db from the poison attack whilst still allowing normal client connections.

I can only surmise you didn't follow the steps correctly to set up the IPC "work around".

Cheers,

Gaz.
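A way to check the three pieces of the work-around described in the post together, as an added example that is not part of the original post or any Oracle tooling. The function names are hypothetical, and the sample inputs are constructed from the values quoted in the post (the last log line is made up for contrast).

```python
import re

# Constructed sample inputs modelled on the post's listener.ora and listener.log.
LISTENER_ORA = """\
LISTENER =
  (DESCRIPTION_LIST =
    (DESCRIPTION =
      (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC_FOR_XE))
      (ADDRESS = (PROTOCOL = TCP)(HOST = oraserver)(PORT = 1512))
    )
  )
SECURE_REGISTER_LISTENER = (IPC)
"""
LOCAL_LISTENER = "(DESCRIPTION=(ADDRESS=(PROTOCOL=IPC)(KEY=EXTPROC_FOR_XE)))"
LISTENER_LOG = """\
19-JAN-2017 16:03:28 * service_register_NSGR * 1194
TNS-01194: The listener command did not arrive in a secure transport
19-JAN-2017 16:05:10 * service_update * XE * 0
"""

def ipc_keys(text):
    """Return the KEY of every (PROTOCOL=IPC) address in a TNS descriptor."""
    pat = r"\(\s*PROTOCOL\s*=\s*IPC\s*\)\s*\(\s*KEY\s*=\s*([^)\s]+)\s*\)"
    return {k.upper() for k in re.findall(pat, text, re.I)}

def audit(listener_ora, local_listener, name="LISTENER"):
    """List reasons the IPC-only registration work-around is incomplete."""
    findings = []
    # Anchored at line start so a commented-out setting does not count.
    m = re.search(rf"^\s*SECURE_REGISTER_{name}\s*=\s*\(([^)]*)\)",
                  listener_ora, re.I | re.M)
    protos = {p.strip().upper() for p in m.group(1).split(",")} if m else set()
    if not m:
        findings.append(f"SECURE_REGISTER_{name} is not set")
    elif "TCP" in protos:
        findings.append("plain TCP is allowed for registration")
    # The database registers over IPC only if its key matches a listener address.
    if not ipc_keys(listener_ora) & ipc_keys(local_listener):
        findings.append("local_listener IPC key matches no listener IPC address")
    return findings

def rejected_registrations(log_text):
    """Timestamps of registration attempts refused with error 1194."""
    pat = r"^(\S+ \S+) \* service_register\S* \* 1194\s*$"
    return re.findall(pat, log_text, re.M)
```

An empty list from `audit` means the listener setting and the database's `local_listener` agree; timestamps from `rejected_registrations` are the refused remote registration attempts of the kind shown in the post's listener.log.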
