Oracle 2005年7月更新修复多个安全漏洞

发布日期：2005-07-13
更新日期：2005-07-13

受影响系统：

Oracle Database 10g Release 1 10.1.0.4
Oracle Database 10g Release 1 10.1.0.3
Oracle Database 10g Release 1 10.1.0.2
Oracle Oracle9i Database Server Release 1 9.0.1.5 FIPS
Oracle Oracle9i Database Server Release 1 9.0.1.5
Oracle Oracle9i Database Server Release 1 9.0.1.4
Oracle Oracle9i Database Server Release 2 9.2.0.6
Oracle Oracle9i Database Server Release 2 9.2.0.5
Oracle Oracle8i Database Server Release 3 8.1.7.4
Oracle Oracle8i Database Server Release 3
Oracle Oracle8 Database Release 8.0.6 8.0.6.3
Oracle Enterprise Manager Grid Control 10g 10.1.0.3
Oracle Enterprise Manager Grid Control 10g 10.1.0.2
Oracle Enterprise Manager 10g Database Control 10.1.0.4
Oracle Enterprise Manager 10g Database Control 10.1.0.3
Oracle Enterprise Manager 10g Database Control 10.1.0.2
Oracle Enterprise Manager Application Server Control 9.0.4.1
Oracle Enterprise Manager Application Server Control 9.0.4.0
Oracle Application Server 10g (9.0.4) 9.0.4.1
Oracle Application Server 10g (9.0.4) 9.0.4.0
Oracle Oracle9i Application Server Release 2 9.0.3.1
Oracle Oracle9i Application Server Release 2 9.0.2.3
Oracle Oracle9i Application Server Release 1 1.0.2.2
Oracle Collaboration Suite Release 2 9.0.4.2
Oracle Collaboration Suite Release 2 9.0.4.1
Oracle E-Business Suite and Applications Release 11i 11.5.9
Oracle E-Business Suite and Applications Release 11i 11.5.8
Oracle E-Business Suite and Applications Release 11i 11.5.7
Oracle E-Business Suite and Applications Release 11i 11.5.6
Oracle E-Business Suite and Applications Release 11i 11.5.5
Oracle E-Business Suite and Applications Release 11i 11.5.4
Oracle E-Business Suite and Applications Release 11i 11.5.3
Oracle E-Business Suite and Applications Release 11i 11.5.2
Oracle E-Business Suite and Applications Release 11i 11.5.10
Oracle E-Business Suite and Applications Release 11i 11.5.1
Oracle E-Business Suite and Applications Release 11.0
Oracle Workflow 11.5.1 - 11.5.9.5
Oracle Forms and Reports 6.0.8.25
Oracle Forms and Reports 4.5.10.22
Oracle JInitiator 1.3.1
Oracle JInitiator 1.1.8
Oracle Developer Suite 9.0.5
Oracle Developer Suite 9.0.4.1
Oracle Developer Suite 9.0.4
Oracle Developer Suite 9.0.2.3
Oracle Developer Suite 10.1.2
Oracle Express Server 6.3.4.0

描述：

---

BUGTRAQ ID: 14238

Oracle Database是一款商业性质大型数据库系统。

各种Oracle Database Server、Oracle Enterprise Manager、Oracle Application Server、Oracle Collaboration Suite、Oracle E-Business Suite和Applications、Oracle Workflow、Oracle Forms and Reports、Oracle JInitiator、Oracle Developer Suite和Oracle Express Server受多个漏洞影响。

这些漏洞可能是本地或远程漏洞，影响Oracle产品的所有安全属性，可能造成信息泄漏或者非法权限提升等攻击。

<*来源：Gerhard Eschelbeck
Esteban Martínez Fayó
Alexander Kornbrust （ak@red-database-security.com）
Stephen Kost
David Litchfield （david@nextgenss.com）
Michael Murray
Aaron C. Newman （anewman@appsecinc.com）
Mike Sues （msues@rigelksecurity.com）

链接：http://www.integrigy.com/analysis.htm
http://marc.theaimsgroup.com/?l=bugtraq&m=112129082323341&w=2
http://marc.theaimsgroup.com/?l=bugtraq&m=112129177927502&w=2
http://marc.theaimsgroup.com/?l=bugtraq&m=112129452232307&w=2
http://marc.theaimsgroup.com/?l=bugtraq&m=112129398711846&w=2
http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html
*>

建议：

---

厂商补丁：

Oracle
------
Oracle已经为此发布了一个安全公告（cpujul2005）以及相应补丁:
cpujul2005：Critical Patch Update - July 2005
链接：http://www.oracle.com/technology/deploy/security/pdf/cpujul2005.html

补丁下载：

Oracle Database Server:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311062.1

Oracle Application Server:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311038.1

Oracle Collaboration Suite:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311039.1

Oracle E-Business and Applications:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311040.1

Oracle Enterprise Manager:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=311061.1

标签：

版权申明：本站文章部分自网络，如有侵权，请联系：west999com@outlook.com
特别注意：本站所有转载文章言论不代表本站观点，本站所提供的摄影照片，插画，设计作品，如需使用，请与原作者联系，版权归原作者所有