Oracle Database Server 'TNS Listener'远程数据投毒漏洞（CVE-2012-1675）

一、解决方案

1. RAC：My Oracle Support Note 1340831.1
2. 非 RAC：My Oracle Support Note 1453883.1 

二、简单举例：非 RAC 操作步骤，1453883.1文档中

1. Restricting registration to the TCP protocol (Requires the fix for BUG:12880299)
2. Restricting registration to the IPC protocol (The patch for BUG:12880299 is NOT required for the IPC method)

本例采用第一种方式修复bug

1. Obtain and apply the patch for bug:12880299. 
   此处建议打最新的PSU
2. 添加"SECURE_REGISTER_[listener_name] = (TCP)"
   
   

   LISTENER_PROD =
     (DESCRIPTION_LIST =
       (DESCRIPTION =
         (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.66.101)(PORT = 1521))
       ))
   
   SECURE_REGISTER_LISTENER_PROD = (TCP)

3. 重启监听
   
   
4. 设置local_listener 参数
5. 注册监听
   SQL> alter system register;