ISC StormCast for Wednesday, January 16th 2013 http://isc.sans.edu/podcastdetail.html?id=3061

86 Oracle Updates

Published: 2013-01-16
Last Updated: 2013-01-16 16:38:29 UTC
by Dan Goldberg (Version: 2)

Oracle has released a lengthy list of updates to many products. Descriptions are available here:
http://www.oracle.com/technetwork/topics/security/cpujan2013-1515902.html

Of the 86 Oracle updates released, a few high-risk updates stand out:

CVE-2012-3220 (affecting Oracle Database Server products) has the highest severity, with a CVSS risk score of 9.0 out of a possible 10 for a Windows-hosted database server; for *nix-based servers the score is lower, at 6.5. It is remotely exploitable but requires authentication.

Oracle Mobile Database Server products are next on the list, with the following CVEs and CVSS base scores; all are remotely exploitable without authentication via HTTP:
CVE-2013-0361: 10
CVE-2013-0366: 10
CVE-2013-0362: 7.8
CVE-2013-0363: 7.8
CVE-2013-0364: 7.8

The following two CVEs affect MySQL servers, with a CVSS score of 9.0 and a remote exploit that requires authentication:
CVE-2012-5612
CVE-2012-5611

The remainder of the updates listed have scores of 7.5 or lower and represent a mix of remote and local exploits, some of which do not require authentication.

In most cases, well-designed defense in depth will protect middleware and back-end database servers from direct exploitation. Limiting which hosts can communicate with these systems, using both network and host-based firewalls, reduces the servers' attack surface to exploits that run through the application (SQL injection or similar) and helps mitigate these attack vectors. Database and middleware servers that can be reached from arbitrary remote hosts are at greater risk of attack. Applying vendor updates after testing them against the application in a non-production environment remains best practice in all cases.
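As an added illustration of the "limit which hosts can reach the database tier" advice (example code, not part of the diary or any Oracle tooling), the script below audits constructed iptables-style log lines for connections to MySQL (3306) and Oracle listener (1521) ports from hosts outside an assumed application-server allowlist, and renders the matching host-firewall rules in nftables syntax. The sample log, the 10.0.2.0/24 allowlist and the port list are all assumptions.

```python
"""Audit database-tier exposure against a source-host allowlist (constructed data)."""
import ipaddress
import re

# Constructed sample: kernel LOG lines for new TCP connections reaching a DB host.
SAMPLE_LOG = """\
Jan 16 10:01:02 db01 kernel: DB-IN: IN=eth0 SRC=10.0.2.11 DST=10.0.1.5 PROTO=TCP SPT=51234 DPT=3306 SYN
Jan 16 10:01:07 db01 kernel: DB-IN: IN=eth0 SRC=10.0.2.12 DST=10.0.1.5 PROTO=TCP SPT=49001 DPT=3306 SYN
Jan 16 10:02:15 db01 kernel: DB-IN: IN=eth0 SRC=203.0.113.44 DST=10.0.1.5 PROTO=TCP SPT=40322 DPT=3306 SYN
Jan 16 10:03:40 db01 kernel: DB-IN: IN=eth0 SRC=10.0.9.7 DST=10.0.1.5 PROTO=TCP SPT=33110 DPT=1521 SYN
"""

# Assumed: only the application-server subnet may talk to the database tier.
ALLOWED_SOURCES = [ipaddress.ip_network("10.0.2.0/24")]
# Assumed database listener ports: MySQL and the Oracle TNS listener.
DB_PORTS = {3306: "MySQL", 1521: "Oracle listener"}

LINE_RE = re.compile(r"SRC=(?P<src>\S+) .*?DPT=(?P<dpt>\d+)")


def unexpected_db_clients(log_text, allowed=ALLOWED_SOURCES, ports=DB_PORTS):
    """Return (source, port, service) for DB-port connections from non-allowlisted hosts."""
    findings = []
    for line in log_text.splitlines():
        match = LINE_RE.search(line)
        if not match:
            continue  # not a connection log line
        port = int(match.group("dpt"))
        if port not in ports:
            continue  # not a database listener
        src = ipaddress.ip_address(match.group("src"))
        if not any(src in net for net in allowed):
            findings.append((str(src), port, ports[port]))
    return findings


def nft_allowlist_rules(allowed=ALLOWED_SOURCES, ports=DB_PORTS):
    """Render nftables rules admitting DB ports only from the allowlist, dropping the rest."""
    port_set = ", ".join(str(p) for p in sorted(ports))
    rules = [f"tcp dport {{ {port_set} }} ip saddr {net} accept" for net in allowed]
    rules.append(f"tcp dport {{ {port_set} }} drop")
    return rules


if __name__ == "__main__":
    for src, port, service in unexpected_db_clients(SAMPLE_LOG):
        print(f"unexpected client {src} -> {service} (port {port})")
    print("\n".join(nft_allowlist_rules()))
```

Hosts flagged by the audit are either missing from the allowlist or evidence that the database tier is reachable more widely than the firewall policy intends.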

If you run any of these affected systems and can report on your experience with these updates, please share it with us, and I will update this diary or post another covering those experiences.


--
Dan
Volunteer Handler, Internet Storm Center
