CPU Patches October 2009 (Oracle Critical Update Program)

October 23, 2009 at 6:38 am

[] [] [] [] [] []

Symptom
Refer to the general information about the Critical Patch Updates (CPU) in the CPU composite note 850306.
Oracle 10.2.0.4
The following patch molecules are installed with CPUOct2009:
7155248 – DB-10.2.0.4-MOLECULE-001-CPUJUL2008
7155249 – DB-10.2.0.4-MOLECULE-002-CPUJUL2008
7155250 – DB-10.2.0.4-MOLECULE-003-CPUJUL2008
7155251 – DB-10.2.0.4-MOLECULE-004-CPUJUL2008
7155252 – DB-10.2.0.4-MOLECULE-005-CPUJUL2008
7155253 – DB-10.2.0.4-MOLECULE-006-CPUJUL2008
7155254 – DB-10.2.0.4-MOLECULE-007-CPUJUL2008
7197583 – DB-10.2.0.4-MOLECULE-008-CPUJUL2008
7375611 – DB-10.2.0.4-MOLECULE-009-CPUOCT2008
7375613 – DB-10.2.0.4-MOLECULE-0010-CPUOCT2008
7375617 – DB-10.2.0.4-MOLECULE-0011-CPUOCT2008
7609057 – DB-10.2.0.4-MOLECULE-0012-CPUJAN2009
7609058 – DB-10.2.0.4-MOLECULE-0013-CPUJAN2009
8309587 – DB-10.2.0.4-MOLECULE-014-CPUAPR2009
8309592 – DB-10.2.0.4-MOLECULE-015-CPUAPR2009
8309623 [...]

Authorized access to SAPFTP

October 23, 2009 at 4:47 am

[] [] [] [] []

Symptom
The settings defined for SAPFTP does not include authorization checks based on user or based upon the source of request. No authorization checks are performed in the system while starting of the external program SAPFTP.
Note:
Every ABAP installation would have the external program SAPFTP.
To ensure system security, authorized access to this program is
necessary [...]

Authorized access to SAPHTTP

October 22, 2009 at 8:49 pm

[] [] [] [] []

Symptom
The settings defined for SAPHTTP does not include authorization checks based on user or based upon the source of request. No authorization checks are performed in the system while starting of the external program SAPHTTP.
Note:
Every ABAP installation would have the external program SAPHTTP.
To ensure system security,authorized access to this program is necessary [...]

Using Oracle Database Vault in an SAP environment

July 22, 2009 at 11:40 am

[] [] [] [] [] [] [] [] [] [] []

Symptom
This note refers to the use of Oracle Database Vault with SAP.
This note contains all of the information you require to use Oracle Database Vault (DV) in an SAP environment.
This note applies to Oracle Release 10.2.0.4.
Other terms
Oracle Database Vault, SAP Database Security, Database Vault, SAP, compliance, regulation, vault, Oracle
Reason and Prerequisites
The prerequisites for using Oracle [...]

SAP NetWeaver Process Integration 7.1 Documentation

July 21, 2009 at 4:41 am

[] [] [] [] [] [] [] [] [] [] [] [] [] [] []

Symptom
***************************************************************
* Documentation-relevant changes to the *
* SAP Library for SAP NetWeaver Process Integration 7.1 *
***************************************************************
Other terms
SAP NetWeaver AS ABAP, SAP NetWeaver AS Java, SOA, Web Services, Security Guide, [...]

Oracle Critical Patch Update Program

July 17, 2009 at 5:38 pm

[] [] [] [] [] [] [] [] [] [] []

Symptom
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *
This note is issued as a Hot News. Check the note regularly for updates. Otherwise, you will not be [...]

CPU Patches July 2009 (Oracle Critical Update Program)

July 17, 2009 at 5:32 pm

[] [] [] [] [] [] [] [] [] []

Symptom
Refer to the general information about the Critical Patch Updates (CPU) in the CPU composite note 850306.
Oracle 10.2.0.4
The following patch molecules are installed with CPUJul2009:
7155248 – DB-10.2.0.4-MOLECULE-001-CPUJUL2008
7155249 – DB-10.2.0.4-MOLECULE-002-CPUJUL2008
7155250 – DB-10.2.0.4-MOLECULE-003-CPUJUL2008
7155251 – DB-10.2.0.4-MOLECULE-004-CPUJUL2008
7155252 – DB-10.2.0.4-MOLECULE-005-CPUJUL2008
7155253 – DB-10.2.0.4-MOLECULE-006-CPUJUL2008
7155254 – DB-10.2.0.4-MOLECULE-007-CPUJUL2008
7197583 – DB-10.2.0.4-MOLECULE-008-CPUJUL2008
7375611 – DB-10.2.0.4-MOLECULE-009-CPUOCT2008
7375613 – DB-10.2.0.4-MOLECULE-0010-CPUOCT2008
7375617 – DB-10.2.0.4-MOLECULE-0011-CPUOCT2008
7609057 – DB-10.2.0.4-MOLECULE-0012-CPUJAN2009
7609058 – DB-10.2.0.4-MOLECULE-0013-CPUJAN2009
8309587 – DB-10.2.0.4-MOLECULE-014-CPUAPR2009
8309592 – DB-10.2.0.4-MOLECULE-015-CPUAPR2009
8309623 [...]

Use of network security products

July 13, 2009 at 11:40 pm

[] [] [] [] [] [] [] [] [] [] [] [] [] []

Symptom
Inquiries:
Preconditions when using network security productsSecure authentication and confidentiality
Other terms
Security, Secure Single Sign-On, encryption, data security, DCE, smart cards, secure authentication, privacy
Reason and Prerequisites
The SNC functions are officially available in SAP Systems as of Release 3.1G.
Solution
The SNC (Secure Network Communications) functions allow you to use an external security product to secure the communications between [...]

Security Troubleshooting Guide For NetWeaver J2EE 640/700

June 14, 2009 at 6:06 pm

[] [] [] [] []

Symptom
This note contains a troubleshooting guide which can be used for analysing security related problems in the SAP J2EE NetWeaver Engine. The guide is valid for the NW04 and NW04s releases, including EhP1 and EhP2 of NW04s.
Other terms
authentication, authorization, security session, single sign-on, SSO, SPNego, Kerberos, SSL, keystore, HeaderVariableLoginModule, ClientCertLoginModule, BasicPasswordLoginModule
Reason and [...]

Oracle database security

June 14, 2009 at 12:25 am

[] [] [] [] []

Symptom
On October 31, 2005, a PL/SQL worm program was published in the Internet. This worm program called”Oracle Worm Voyager”is relatively harmless and luckily hardly causes any damage. However, variants of this program have been developed and published since then. Therefore, further developments are to be expected which may possibly cause more harm.
As [...]