Oracle Database Remote Pre-authenticated TNS Poison Vulnerability
Last Update Date:
30 Apr 2012 12:18
Release Date:
30 Apr 2012
RISK: High Risk
TYPE: Servers - Database Servers
A vulnerability has been identified in Oracle Database, which can be exploited by malicious people with network access to the TNS Listener to inject commands and/or hijack connections from the client to the database server.
Note: Currently, there is no patch available for this vulnerability, and proof-of-concept exploit code is publicly available.
Impact
- Remote Code Execution
System / Technologies affected
- Oracle Database version 8i to 11g R2
Solutions
- NOTE: Currently, there is no patch available for this vulnerability.
- Workaround
- Set the following parameter in the listener.ora configuration file:
dynamic_registration = off
- For Oracle RAC environments, edit the file protocol.ora or, for older versions, sqlnet.ora, at the server side and add the following directives:
TCP.VALIDNODE_CHECKING = YES
TCP.INVITED_NODES = (Comma,separated,list,of,ALL,valid,clients, ...)
- Enable and configure the Oracle Advanced Security feature so that clients use SSL/TLS. To do so, set the following parameters in protocol.ora or sqlnet.ora on both the client and the server side:
Client side: SQLNET.ENCRYPTION_CLIENT=REQUIRED
Server side: SQLNET.ENCRYPTION_SERVER=REQUIRED
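An added audit script (not part of this advisory or of any Oracle tooling) that reads the listener.ora and sqlnet.ora/protocol.ora parameters listed in the workaround above and reports which of them are not set on a server. It assumes simple `KEY = VALUE` lines (no nested multi-line parameter blocks) and uses constructed sample files, one hardened and one left at defaults.

```python
import re

# Constructed sample configurations (not from the advisory): the first pair
# applies the workaround, the second is how a default install typically looks.
HARDENED = {
    "listener.ora": "dynamic_registration = off\n",
    "sqlnet.ora": (
        "TCP.VALIDNODE_CHECKING = YES\n"
        "TCP.INVITED_NODES = (10.0.0.5, 10.0.0.6, appserver.example.test)\n"
        "SQLNET.ENCRYPTION_SERVER = REQUIRED\n"
    ),
}
DEFAULT = {"listener.ora": "", "sqlnet.ora": "SQLNET.ENCRYPTION_SERVER = ACCEPTED\n"}

def parse_ora(text):
    """Parse KEY = VALUE lines of an .ora file into a dict with upper-cased keys.
    Assumption: one parameter per line; '#' starts a comment."""
    params = {}
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if "=" in line:
            key, value = line.split("=", 1)
            params[key.strip().upper()] = value.strip()
    return params

def node_list(value):
    """Split a parenthesised, comma-separated node list into its entries."""
    return [n.strip() for n in re.sub(r"[()]", "", value).split(",") if n.strip()]

def audit(files):
    """Return a list of the advisory's workarounds that are NOT in place."""
    listener = parse_ora(files.get("listener.ora", ""))
    net = parse_ora(files.get("sqlnet.ora", ""))
    # Older releases carry the TCP.* keys in protocol.ora instead; merge both.
    net.update(parse_ora(files.get("protocol.ora", "")))
    missing = []
    if listener.get("DYNAMIC_REGISTRATION", "").upper() != "OFF":
        missing.append("dynamic_registration is not off in listener.ora")
    if net.get("TCP.VALIDNODE_CHECKING", "").upper() != "YES":
        missing.append("TCP.VALIDNODE_CHECKING is not YES")
    if not node_list(net.get("TCP.INVITED_NODES", "")):
        missing.append("TCP.INVITED_NODES is empty or absent")
    if net.get("SQLNET.ENCRYPTION_SERVER", "").upper() != "REQUIRED":
        missing.append("SQLNET.ENCRYPTION_SERVER is not REQUIRED")
    return missing

if __name__ == "__main__":
    for name, files in (("hardened", HARDENED), ("default", DEFAULT)):
        print(name, audit(files) or "all listed workarounds present")
```

To run it against a real host, replace the constructed dicts with the contents of the files under the ORACLE_HOME network/admin directory.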
Vulnerability Identifier
- No CVE information is available