7 Replies Latest reply on May 4, 2012 5:44 PM by Aman....

    TNS Listener Poison Attack - CVE-2012-1675

      I have few databases from Oracle 9i to Oracle 11g. Many are standalone instances,and few RAC instances.
      My questions are

      1) For standalone instances, will the following setting in listener.ora file and restarting listener addresses this vulnerability? Or is there any thing else we need to do? We want to avoid any patches now and see if we can resolve this quickly.


      2) If we dont configure "remote_listener", is it applicable for us?

      3) For RAC instances, I can follow the steps mentioned in
      Using Class of Secure Transport (COST) to Restrict Instance Registration in Oracle RAC [ID 1340831.1]