
SANS ISC: Patch for Oracle TNS Listener issue released ! - SANS Internet Storm Center SANS ISC InfoSec Forums


Patch for Oracle TNS Listener issue released !

Just a quick update to Johannes's story on the 27th about the Oracle TNS listener vulnerability (http://isc.sans.edu/diary.html?storyid=13069).

We received two updates from our readers on this today:
Reader "anothergeek" posted a comment to Johannes's story, noting that a patch was released today - find details here ==> http://www.oracle.com/technetwork/topics/security/alert-cve-2012-1675-1608180.html

Shortly after, reader R.P. pointed us to a page that had a proof of concept (with a video, no less) ==> http://eromang.zataz.com/2012/04/30/oracle-database-tns-poison-0day-video-demonstration/



So get that maintenance window scheduled, folks! Those patches don't do you any good in your Downloads folder!

From the perspective of someone who does audits and assessments, it's a sad thing to note that in many organizations it's tough to schedule maintenance on a large Oracle server.  So many applications get piled on these that database and operating system patches can be a real challenge to book, because an interruption in service can affect dozens or hundreds of applications.

Sadly this means that database patches are often quarterly or annual events.  Or "fairy tale events" (as in never-never).
 

===============
Rob VandenBrink
Metafore

Rob VandenBrink

ISC Handler
Please note that "Oracle Security Alert for CVE-2012-1675" is not a patch, it's just a workaround.
Sebastien

The workarounds listed have been part of the DISA STIGs for some time - I find this 0 day to be slightly alarmist...
Anonymous
