|Check Point Reference:||CPAI-2012-287|
|Date Published:||2 Jul 2012|
|Protection Provided by:||
|Who is Vulnerable?||Oracle Database 10g Release 2 10.2.0.3
Oracle Database 10g Release 2 10.2.0.4
Oracle Database 10g Release 2 10.2.0.5
Oracle Database 11g Release 1 220.127.116.11
Oracle Database 11g Release 2 18.104.22.168
Oracle Database 11g Release 2 22.214.171.124|
|Vulnerability Description||An authentication weakness vulnerability has been reported in Oracle Database's TNS listener component.|
|Vulnerability Details||The vulnerability is due to a lack of authentication of database server instance registrations. A remote attacker can exploit this vulnerability by registering a malicious database instance, which diverts traffic from legitimate clients to the attacker's server. Successful exploitation could allow the attacker to cause a denial of service condition, eavesdrop on connections, or hijack the diverted connections to access the database server with the security privileges of the user whose connection was hijacked.|
This protection will detect and block the transfer of a malicious message to the target host.
To activate the protection, update your product to the latest update. For information on how to update, go to SBP-2006-05, Protection tab, and select the version of your choice.
SmartView Tracker will log the following entries:
Attack Name: Oracle Protection Violation
Attack Information: Oracle Database TNS Listener Service Registration Authentication Weakness
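
A host-side check for the unauthenticated instance registration described under Vulnerability Details, as an added example that is not part of the Check Point advisory: it scans a `listener.ora` for listeners that place no limit on who may register an instance. The Oracle Net parameters `SECURE_REGISTER_<listener>` and `DYNAMIC_REGISTRATION_<listener>` are not named on this page; the sample file, its host names and the rule that top-level parameters start in column 0 are assumptions of the example.

```python
import re

# Constructed sample listener.ora; hosts, ports and listener names are made up.
SAMPLE = """\
LISTENER =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = db1.example.internal)(PORT = 1521))
    (ADDRESS = (PROTOCOL = IPC)(KEY = REGISTER)))
SECURE_REGISTER_LISTENER = (IPC)

LISTENER_APP =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = db1.example.internal)(PORT = 1522)))
# nothing restricts registration on LISTENER_APP

LISTENER_OLD =
  (ADDRESS = (PROTOCOL = TCP)(HOST = db1.example.internal)(PORT = 1523))
SECURE_REGISTER_LISTENER_OLD = (TCP)   # plain TCP is not a restriction

LISTENER_STATIC =
  (ADDRESS = (PROTOCOL = TCP)(HOST = db1.example.internal)(PORT = 1524))
DYNAMIC_REGISTRATION_LISTENER_STATIC = off
"""

TOP_LEVEL = re.compile(r"^([A-Za-z_]\w*)[ \t]*=", re.M)

def parse_listener_ora(text):
    """Map each top-level parameter (assumed to start in column 0) to its value."""
    text = re.sub(r"#.*", "", text)  # drop comments
    hits = list(TOP_LEVEL.finditer(text))
    params = {}
    for i, m in enumerate(hits):
        end = hits[i + 1].start() if i + 1 < len(hits) else len(text)
        # Normalise: remove all whitespace, upper-case names and values.
        params[m.group(1).upper()] = "".join(text[m.end():end].split()).upper()
    return params

def open_registration(text):
    """Return listeners with no setting that limits who may register instances."""
    params = parse_listener_ora(text)
    findings = []
    for name, value in params.items():
        if "(ADDRESS" not in value:
            continue  # not a listener definition
        transports = re.findall(r"\w+", params.get("SECURE_REGISTER_" + name, ""))
        restricted = bool(transports) and "TCP" not in transports
        static_only = params.get("DYNAMIC_REGISTRATION_" + name) == "OFF"
        if not (restricted or static_only):
            findings.append(name)
    return findings
```

Calling `open_registration(SAMPLE)` returns the two listeners that still accept registrations over plain TCP; a clean result does not replace the network-side protection, it only confirms the listener configuration.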