Re: Question on Oracle Security Alert for CVE-2012-1675
From: Ilmar Kerm <ilmar.kerm_at_gmail.com>
Date: Wed, 5 Sep 2012 13:37:18 +0300
Message-ID: <CAKnHwtdWFF0PFv5rkZd+cjcAnE8g9JSP1LXDriEABQyTeYFKHQ_at_mail.gmail.com>
On Wed, Sep 5, 2012 at 1:20 PM, Radoulov, Dimitre <dimitre.radoulov_at_gmail.com> wrote:
> On Wed, May 2, 2012 at 5:42 PM, Radoulov, Dimitre <cichomitiko_at_xxxxxxxxx>
> wrote:
>>>
>>> Hi,
>>> if I am reading Note 1340831.1 correctly, in order to secure the
>>> communication
>>> between pmon and the scan listeners, we'll need to use SSL.
>>>
>>> There is a note about _licensing changes_:
>
> [...]
>>
>> Although this note mentions Standard Edition RAC (11.2.0.3.2), has
>> anyone tried to apply this note on SE?
>> When I try to modify remote_listener on the database, I get
>>
>> ORA-02097: parameter cannot be modified because specified value is invalid
>> ORA-00119: invalid specification for system parameter REMOTE_LISTENER
>> ORA-00130: invalid listener address
>> '(ADDRESS=(PROTOCOL=TCPS)(HOST=10.69.132.41)(PORT=1523))'
>> ORA-00130: invalid listener address
>> '(ADDRESS=(PROTOCOL=TCPS)(HOST=10.69.132.42)(PORT=1523))'
>> ORA-00130: invalid listener address
>> '(ADDRESS=(PROTOCOL=TCPS)(HOST=10.69.132.43)(PORT=1523))'
>>
>> Works on Enterprise Edition... I guess I have to open SR.
>
>
>
> Hi Ilmar,
> did you manage to resolve the issue described above?
> I get the same errors now (11.2.0.3.3 SE) ...
Date: Wed, 5 Sep 2012 13:37:18 +0300
Message-ID: <CAKnHwtdWFF0PFv5rkZd+cjcAnE8g9JSP1LXDriEABQyTeYFKHQ_at_mail.gmail.com>
On Wed, Sep 5, 2012 at 1:20 PM, Radoulov, Dimitre <dimitre.radoulov_at_gmail.com> wrote:
> On Wed, May 2, 2012 at 5:42 PM, Radoulov, Dimitre <cichomitiko_at_xxxxxxxxx>
> wrote:
>>>
>>> Hi,
>>> if I am reading Note 1340831.1 correctly, in order to secure the
>>> communication
>>> between pmon and the scan listeners, we'll need to use SSL.
>>>
>>> There is a note about _licensing changes_:
>
> [...]
>>
>> Although this note mentions Standard Edition RAC (11.2.0.3.2), has
>> anyone tried to apply this note on SE?
>> When I try to modify remote_listener on the database, I get
>>
>> ORA-02097: parameter cannot be modified because specified value is invalid
>> ORA-00119: invalid specification for system parameter REMOTE_LISTENER
>> ORA-00130: invalid listener address
>> '(ADDRESS=(PROTOCOL=TCPS)(HOST=10.69.132.41)(PORT=1523))'
>> ORA-00130: invalid listener address
>> '(ADDRESS=(PROTOCOL=TCPS)(HOST=10.69.132.42)(PORT=1523))'
>> ORA-00130: invalid listener address
>> '(ADDRESS=(PROTOCOL=TCPS)(HOST=10.69.132.43)(PORT=1523))'
>>
>> Works on Enterprise Edition... I guess I have to open SR.
>
>
>
> Hi Ilmar,
> did you manage to resolve the issue described above?
> I get the same errors now (11.2.0.3.3 SE) ...
Yes, Oracle wrote a note "1457854.1 - How To Enable TCPS Support For Oracle Standard Edition" for this, but it's still not public. Please open an SR to see the note. The procedure was fairly simple, rename one library file and relink oracle.
-- Ilmar Kerm -- http://www.freelists.org/webpage/oracle-lReceived on Wed Sep 05 2012 - 05:37:18 CDT