Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> security vulnerability in 9.2.0.1 - XDB

security vulnerability in 9.2.0.1 - XDB

From: Paul Drake <drak0nian_at_yahoo.com>
Date: 19 Aug 2003 04:11:33 -0700
Message-ID: <1ac7c7b3.0308190311.472ea6b1@posting.google.com> 





I caught this one off of the SANS mailing list this morning.



http://www.symantec.com/avcenter/security/Content/8375.html



It appears that the default database config using dbca does create
this service.


I do not yet know if the fix for this is included in the 9.2.0.4
patchset.


It seems reasonable to me to simply disable the service that starts
the daemon that listens on the 2 ports. I'm looking forward to
Oracle's announcement on this item.



Pd
Received on Tue Aug 19 2003 - 06:11:33 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US