In 2012, details of a vulnerability in the Oracle Database listener were published that allows an attacker to register with the database listener and to intercept and modify TNS network traffic between the client and database server. This “TNS Poison” attack allows an unauthenticated attacker with only network connectivity to compromise most database accounts.
The fix to prevent TNS Poison attacks was announced in April 2012, but was not fixed by the Critical Patch Update securtiy patch. Instead, manual changes are required to the database listener prior to 12c. Even though this vulnerability is four years-old, Integrigy routinely identifies vulnerable Oracle databases during our security assessments – hence the purpose of this webinar.
This education webinar demonstrates a TNS poison attack and how an Oracle database can be compromised without any database authentication. Required remediation steps for each database version are discussed as well as methods for checking if a database is protected or if it has been compromised.
Attachment | Size |
---|---|
Integrigy Oracle TNS Poisoning Attacks.pdf | 716.97 KB |