WEBLOGIC 11G (10.3.6) windows PSU 升级10.3.6.0.171017(Java 反序列化漏洞升级)

10.3.6版本的weblogic需要补丁到10.3.6.0.171017(2017年10月份的补丁,Java 反序列化漏洞升级),oracle官方建议至少打上2017年10月份补丁;10.3.6以下的版本需要升级至10.3.6 然后在补丁升级。

一、查看版本

1、用下面命令重配环境变量
D:\Oracle\Middleware\wlserver_10.3\server\bin
setWLSEnv.cmd

1.1、查看weblogic version

D:\Oracle\Middleware\utils\bsu>java weblogic.version

WebLogic Server Temporary Patch for BUG22248372 Tue Nov 24 00:35:04 MST 2015
WebLogic Server 10.3.6.0.12 PSU Patch for BUG20780171 THU JUN 18 15:54:42 IST 2015
WebLogic Server 10.3.6.0 Tue Nov 15 08:52:36 PST 2011 1441050

Use ‘weblogic.version -verbose‘ to get subsystem information

Use ‘weblogic.utils.Versions‘ to get version information for all modules

D:\Oracle\Middleware\utils\bsu

C:\Program Files (x86)\Java\jdk1.6.0_43

1.2、weblogic version详细信息
D:\Oracle\Middleware\utils\bsu>java weblogic.version -verbose

WebLogic Server Temporary Patch for BUG22248372 Tue Nov 24 00:35:04 MST 2015 ImplVersion: 10.3.6.0
WebLogic Server 10.3.6.0.12 PSU Patch for BUG20780171 THU JUN 18 15:54:42 IST 2015 ImplVersion: 10.3.6.0
WebLogic Server 10.3.6.0 Tue Nov 15 08:52:36 PST 2011 1441050 ImplVersion: 10.3.6.0
Oracle WebLogic Server Module Dependencies 10.3 Thu Sep 29 17:47:37 EDT 2011 ImplVersion: 10.3.6.0
Oracle WebLogic Server on JRockit Virtual Edition Module Dependencies 10.3 Wed Jun 15 17:54:24 EDT 2011 ImplVersion: 10.3.6.0
Oracle Virtual Machine Manager Client implementation ImplVersion: 1.1.0.0
WebLogic Descriptors for J2EE 1.6 Wed Dec 1 17:14:50 EST 2010 ImplVersion: 1.6.0.0
WebLogic Descriptors for J2EE 1.6 Binding Bundle ImplVersion: 1.6.0.0
WebLogic Specific Descriptors 1.4 Mon Aug 8 09:26:15 MDT 2011 ImplVersion: 1.4.0.0
WebLogic Specific Descriptors 1.4 Binding Bundle ImplVersion: 1.4.0.0
WebLogic Datasource 1.10 Sat Nov 12 08:11:09 PST 2011 ImplVersion: 1.10.0.0
WebLogic Datasource 1.10 Binding Bundle ImplVersion: 1.10.0.0
WebLogic Beangen Client Capable 1.7 Wed Feb 24 16:02:48 PST 2010 ImplVersion: 1.7.0.0
WebLogic Beangen 1.7 Binding Bundle ImplVersion: 1.7.0.0
WebLogic Management Core Interfaces Client Capable 2.9 Thu Aug 11 17:17:14 PDT 2011 ImplVersion: 2.9.0.1
WebLogic Management Core Interfaces 2.9 Binding Bundle ImplVersion: 2.9.0.1
WebLogic EJBGen Client Capable 1.1 Tue Nov 2 03:30:53 PDT 2010 ImplVersion: 1.1.0.3
WebLogic STAX Client Capable 1.10 Wed Jun 8 09:12:28 EDT 2011 ImplVersion: 1.10.0.0
WebLogic Utils Client Capable 1.10 Sat Oct 29 15:34:23 MDT 2011 ImplVersion: 1.10.0.0
WebLogic SAAJ 1.8 Mon Oct 17 02:49:29 PDT 2011 ImplVersion: 1.8.0.0
WebLogic Apache Classes Client Capable 1.3 Mon Sep 19 23:58:26 EDT 2011 ImplVersion: 1.3.0.1
WebLogic BeanInfo Caching and Discovery Client Capable 2.4 Sat Oct 25 20:46:29 PDT 2008 ImplVersion: 2.4.0.0
WebLogic Descriptor Client Capable 1.10 Wed Aug 10 12:59:06 PDT 2011 ImplVersion: 1.10.0.0
Oracle JFR 1.0 Thu Feb 18 19:06:33 PST 2010 ImplVersion: 1.0.0.0
WebLogic Diagnostics Core Interfaces Client Capable 2.6 Thu Oct 6 01:11:08 EDT 2011 ImplVersion: 2.6.0.0
WebLogic Diagnostics Logging Client Capable 1.2 Fri Dec 12 11:37:59 MST 2008 ImplVersion: 1.2.0.0
WebLogic Diagnostics Query Module Client Capable 1.3 Fri Jul 1 07:32:00 PDT 2011 ImplVersion: 1.3.0.0
WebLogic Diagnostics Instrumentor Tool 1.8 Thu Oct 6 01:11:08 EDT 2011 ImplVersion: 1.8.0.0
WebLogic Diagnostics Instrumentor Config Tool 1.8 Thu Oct 6 01:11:08 EDT 2011 ImplVersion: 1.8.0.0
WebLogic Diagnostics JRockit Flight Recorder Interfaces Client Capable 1.2 Wed Dec 1 17:41:28 EST 2010 ImplVersion: 1.2.0.0
WebLogic i18n Runtime Support Client Capable 1.9 Thu Sep 1 07:41:47 PDT 2011 ImplVersion: 1.9.0.0
WebLogic i18n Build Support Client Capable 1.5 Fri Feb 19 15:03:15 EST 2010 ImplVersion: 1.5.0.0
WebLogic I18N tools Client Capable 1.4 Thu Sep 1 07:41:47 PDT 2011 ImplVersion: 1.4.0.0
WebLogic Management JMX Interfaces 1.4 Fri Sep 16 16:19:28 EDT 2011 ImplVersion: 1.4.2.0
WebLogic Security Provider Generation Tool 1.5 Wed Oct 14 16:39:28 MDT 2009 ImplVersion: 1.5.0.0
WebLogic Security Provider Generation Tool Client Capable 1.5 Wed Oct 14 16:39:28 MDT 2009 ImplVersion: 1.5.0.0
WebLogic Messaging Kernel Client Capable 1.8 Mon Aug 23 21:42:11 EDT 2010 ImplVersion: 1.8.0.0
WebLogic Resource Pool Client Capable 1.8 Thu Oct 6 16:06:35 PDT 2011 ImplVersion: 1.8.0.0
WebLogic Socket Muxer API Client Capable 1.3 Thu Aug 18 16:24:35 EDT 2011 ImplVersion: 1.3.0.0
WebLogic RMI Client Capable 1.11 Tue Sep 20 15:07:37 EDT 2011 ImplVersion: 1.11.0.0
WebLogic Store Client Capable 1.8 Mon Oct 3 09:57:28 PDT 2011 ImplVersion: 1.8.0.0
WebLogic STORE GXA Client Capable 1.7 Fri Apr 1 14:30:50 PDT 2011 ImplVersion: 1.7.0.0
WebLogic Store Admin Tool Client Capable 1.3 Thu Apr 28 09:32:45 PDT 2011 ImplVersion: 1.3.0.0
WebLogic JDBC Store Client Capable 1.3 Fri Sep 16 08:41:14 MDT 2011 ImplVersion: 1.3.1.0
WebLogic JTA implementation Client Capable 2.7 Sat Oct 15 07:12:58 PDT 2011 ImplVersion: 2.7.1.0
WebLogic Utils 1.10 Sat Oct 29 15:34:23 MDT 2011 ImplVersion: 1.10.0.0
WebLogic Utility Classloader implementations Client Capable 2.0 Wed May 18 10:00:41 PDT 2011 ImplVersion: 2.0.0.0
WebLogic java compiler utils package Client Capable 1.2 Thu Feb 11 03:38:50 EST 2010 ImplVersion: 1.2.0.0
WebLogic Utils for working with Expressions Client Capable 1.4 Tue Sep 29 14:45:53 EDT 2009 ImplVersion: 1.4.0.0
WebLogic Utils for Dynamically Generated Class Wrappers Client Capable 1.4 Fri Feb 13 14:44:23 MST 2009 ImplVersion: 1.4.0.0
WebLogic Timers Client Capable 1.7 Fri Feb 4 14:23:26 MST 2011 ImplVersion: 1.7.1.0
WebLogic Work Manager Client Capable 1.11 Thu Oct 6 11:12:55 PDT 2011 ImplVersion: 1.11.0.0
WebLogic Workarea Client Capable 1.8 Tue Jun 28 04:08:48 EDT 2011 ImplVersion: 1.8.0.0
WebLogic XML XPath Implementation Client Capable 1.5 Thu Sep 1 22:11:12 EDT 2011 ImplVersion: 1.5.0.0
WebLogic Security 1.0 Fri Aug 19 08:44:53 MDT 2011 ImplVersion: 6.2.0.0
WebLogic security ssl classes 1.0 Tue Jun 15 17:39:53 EDT 2010 ImplVersion: 1.0.0.0
WebLogic Nodemanager Plugin Client Capable 1.3 Tue Nov 18 18:23:10 EST 2008 ImplVersion: 1.3.0.0
WebLogic JMS Pool Client Capable 1.9 Wed Apr 13 13:03:26 EDT 2011 ImplVersion: 1.9.0.0
WebLogic Http Pub/Sub Module Client Capable 1.7 Fri Jul 8 13:06:46 EDT 2011 ImplVersion: 1.7.0.0
WebLogic WebApp Container Public API Client Capable 1.4 Fri Oct 1 20:01:15 PDT 2010 ImplVersion: 1.4.0.0
WebLogic Coherence Descriptor 1.2 Thu Sep 1 08:29:31 PDT 2011 ImplVersion: 1.2.0.0
WebLogic Coherence Descriptor 1.2 Binding Bundle ImplVersion: 1.2.0.0
WebLogic WebService Public API‘s 1.1 Tue Sep 21 22:15:05 EDT 2010 ImplVersion: 1.1.0.0
WebLogic EclipseLink Integration 1.0 Thu Feb 25 14:56:43 PST 2010 ImplVersion: 1.0.0.0
WebLogic SCA Client 1.0 Thu Feb 25 00:27:10 EST 2010 ImplVersion: 1.0.0.0
WebLogic RAC Module UCP Client Capable 1.1 Thu Oct 6 16:06:35 PDT 2011 ImplVersion: 1.1.0.0
Oracle Universal Connection Pool ImplVersion: 11.2.0.3.0

SERVICE NAME VERSION INFORMATION
============ ===================
Kernel Commonj WorkManager v1.1
TimerService Commonj TimerManager v1.1
CorbaService CORBA 2.3, IIOP 1.2, RMI-IIOP SFV2, OTS 1.2, CSIv2 Level 0 + Stateful
XMLService XML 1.1
Transaction Service JTA 1.1
JDBCService JSR-221, JDBC 4.0
CustomResourceServerService 1.0.0.0
Servlet Container Servlet 2.5, JSP 2.1
WebServices JSR-173, JAX-RPC, JSR-109, WSDL, WS-Addressing, WS-Policy, JAX-B, JAX-R, UDDI, WS-Management(HP), JAXP-1.3, WS-Security
Transaction Stop Service JTA 1.1
Pre Admin Singleton Services S 1.0
Singleton Services Batch Manag 1.0
Post Admin Singleton Services 1.0
EJB Container EJB 3.0
MDBService EJB 3.0
EJBTimerService EJB 3.0
J2EE Connector 1.5
JMS Service JMS 1.1

D:\Oracle\Middleware\utils\bsu>

1.3、weblogic version 详细信息
D:\Oracle\Middleware\utils\bsu>bsu.cmd -prod_dir=D:\Oracle\Middleware\wlserver_10.3 -status=applied -verbose -view

报错信息如下:
D:\Oracle\Middleware\utils\bsu>bsu.cmd -prod_dir=D:\Oracle\Middleware\wlserver_10.3 -status=applied -verbose -view
Exception in thread "Thread-0" Exception in thread "Main Thread" java.lang.OutOfMemoryError
java.lang.NoClassDefFoundError: com/bea/plateng/patch/PatchSystem
at com.bea.plateng.patch.PatchClientHelper.getAllPatchDetails(PatchClientHelper.java:74)
at com.bea.plateng.patch.PatchInstallationHelper.cleanupPatchSets(PatchInstallationHelper.java:130)
at com.bea.plateng.patch.PatchTarget.<init>(PatchTarget.java:272)
at com.bea.plateng.patch.PatchTargetFactory.create(PatchTargetFactory.java:30)
at com.bea.plateng.patch.PatchTargetHelper.getPatchTargets(PatchTargetHelper.java:204)
at com.bea.plateng.patch.PatchTargetHelper.updatePatchTargets(PatchTargetHelper.java:119)
at com.bea.plateng.patch.PatchTargetHelper.getAllPatchTargets(PatchTargetHelper.java:74)
at com.bea.plateng.patch.PatchTargetHelper.getPatchTarget(PatchTargetHelper.java:247)
at com.bea.plateng.patch.Patch.getPatchTarget(Patch.java:432)
at com.bea.plateng.patch.Patch.getPatchTarget(Patch.java:416)
at com.bea.plateng.patch.Patch.main(Patch.java:251)

环境变量没有问题:修改bsu.cmd 运行内存
=======================================================
@ECHO OFF
SETLOCAL

SET JAVA_HOME=D:\Oracle\Middleware\jrockit_160_29_D1.2.0-10
FOR %%i IN ("%JAVA_HOME%") DO SET JAVA_HOME=%%~fsi

SET JAVA=%1
IF DEFINED JAVA (
SET JAVA=java
) ELSE (
SET JAVA=javaw
)

set MEM_ARGS=-Xms512m -Xmx1024m --修改后结果

"%JAVA_HOME%\bin\%JAVA%" %MEM_ARGS% -jar patch-client.jar %*

ENDLOCAL
=========================================================
正常显示如下:

D:\Oracle\Middleware\utils\bsu>bsu.cmd -prod_dir=D:\Oracle\Middleware\wlserver_10.3 -status=applied -verbose -view
ProductName: WebLogic Server
ProductVersion: 10.3 MP6
Components: WebLogic Server/Core Application Server,WebLogic Server/Admi
nistration Console,WebLogic Server/Configuration Wizard and
Upgrade Framework,WebLogic Server/Web 2.0 HTTP Pub-Sub Serve
r,WebLogic Server/WebLogic SCA,WebLogic Server/WebLogic JDBC
Drivers,WebLogic Server/Third Party JDBC Drivers,WebLogic S
erver/WebLogic Server Clients,WebLogic Server/WebLogic Web S
erver Plugins,WebLogic Server/UDDI and Xquery Support,WebLog
ic Server/Evaluation Database,WebLogic Server/Workshop Code
Completion Support
BEAHome: D:\Oracle\Middleware
ProductHome: D:\Oracle\Middleware\wlserver_10.3
PatchSystemDir: D:\Oracle\Middleware\utils\bsu
PatchDir: D:\Oracle\Middleware\patch_wls1036
Profile: Default
DownloadDir: D:\Oracle\Middleware\utils\bsu\cache_dir
JavaHome: D:\Oracle\Middleware\jdk160_29
JavaVersion: 1.6.0_29
JavaVendor: Sun

Patch ID: EJUW
PatchContainer: EJUW.jar
Checksum: 1554039558
Severity: optional
Category: General
CR/BUG: 20780171
Restart: true
Description: WLS PATCH SET UPDATE 10.3.6.0.12
WLS PATCH SET UPDATE 10.3.6.0.12

Patch ID: ZLNA
PatchContainer: ZLNA.jar
Checksum: -894774340
Severity: optional
Category: Security
CR/BUG: 22248372
Restart: true
Description: WEBLOGIC SERVER CVE-2015-4852 SECURITY ALERT PATCH (NOV 2015
)
WEBLOGIC SERVER CVE-2015-4852 SECURITY ALERT PATCH (NOV 20
15)

二、打补丁
先卸载之前已打的补丁。。。
====================================================
卸载:
D:\Oracle\Middleware\utils\bsu>bsu.cmd -install -patch_download_dir=d:\Oracle\Middleware\utils\bsu\cache_dir -patchlist=FMJJ -prod_dir=D:\Oracle\Middleware\wlserver_10.3
检查冲突..........
检测到冲突 - 解决冲突情形并重新执行补丁程序安装
下面是冲突情形详细资料:
补丁程序 FMJJ 与以下补丁程序互相排斥且不能共存: EJUW,ZLNA
终止批处理操作吗(Y/N)? y

D:\Oracle\Middleware\utils\bsu>

- Stop all WebLogic Servers
- Navigate to the {MW_HOME}/utils/bsu directory.
- Execute bsu.sh -remove -patchlist={PATCH_ID} -prod_dir={MW_HOME}/{WL_HOME}

D:\Oracle\Middleware\utils\bsu>bsu.cmd -remove -patchlist=ZLNA -prod_dir=D:\Oracle\Middleware\wlserver_10.3
D:\Oracle\Middleware\utils\bsu>bsu.cmd -remove -patchlist=EJUW -prod_dir=D:\Oracle\Middleware\wlserver_10.3
检查冲突...........
检测到冲突 - 解决冲突情形并重新执行补丁程序删除过程
下面是冲突情形详细资料:
必须先删除下列补丁程序, 才能删除所选补丁程序: ZLNA

D:\Oracle\Middleware\utils\bsu>
D:\Oracle\Middleware\utils\bsu>
D:\Oracle\Middleware\utils\bsu>
D:\Oracle\Middleware\utils\bsu>
D:\Oracle\Middleware\utils\bsu>
D:\Oracle\Middleware\utils\bsu>bsu.cmd -remove -patchlist=ZLNA -prod_dir=D:\Oracle\Middleware\wlserver_10.3
检查冲突...........
未检测到冲突

删除补丁程序 ID: ZLNA..
结果: 成功

D:\Oracle\Middleware\utils\bsu>
D:\Oracle\Middleware\utils\bsu>bsu.cmd -remove -patchlist=EJUW -prod_dir=D:\Oracle\Middleware\wlserver_10.3
检查冲突...........
未检测到冲突

删除补丁程序 ID: EJUW..
结果: 成功

Post-Uninstallation Instructions
--------------------------------
a) Restart all WebLogic Servers.
====================================================

1、解压补丁包zip文件,得到两个文件 一个.jar 一个.xml 将这个两个文件拷贝到weblogic目录下utils/bsu/cache_dir 中,如果没有cache_dir 自己创建。当然这个目录也可以自己指定。

unzip p26519424_1036_Generic.zip to {MW_HOME}/utils/bsu/cache_dir

2、应用补丁
D:\Oracle\Middleware\utils\bsu>bsu.cmd -install -patch_download_dir=d:\Oracle\Middleware\utils\bsu\cache_dir -patchlist=FMJJ -prod_dir=D:\Oracle\Middleware\wlserver_10.3

说明
-patch_download_dir 是上步中那两个文件所在的目录
-prod_dir weblogic的家目录
-patchlist 补丁ID号,就是补丁包里.jar文件的文件名

======================================

漫长等待然后提示.......

======================================

D:\Oracle\Middleware\utils\bsu>bsu.cmd -install -patch_download_dir=d:\Oracle\Middleware\utils\bsu\cache_dir -patchlist=FMJJ -prod_dir=D:\Oracle\Middleware\wlserver_10.3
检查冲突.........
未检测到冲突

正在安装补丁程序 ID: FMJJ..
结果: 成功

D:\Oracle\Middleware\utils\bsu>

三、验证

a) Restart all WebLogic servers.
b) The following command is a simple way to determine the application of WebLogic Server PSU.

D:\Oracle\Middleware\wlserver_10.3\server\bin>setWLSEnv.cmd

D:\Oracle\Middleware\utils\bsu>bsu.cmd -prod_dir=D:\Oracle\Middleware\wlserver_10.3 -status=applied -verbose -view
ProductName: WebLogic Server
ProductVersion: 10.3 MP6
Components: WebLogic Server/Core Application Server,WebLogic Server/Admi
nistration Console,WebLogic Server/Configuration Wizard and
Upgrade Framework,WebLogic Server/Web 2.0 HTTP Pub-Sub Serve
r,WebLogic Server/WebLogic SCA,WebLogic Server/WebLogic JDBC
Drivers,WebLogic Server/Third Party JDBC Drivers,WebLogic S
erver/WebLogic Server Clients,WebLogic Server/WebLogic Web S
erver Plugins,WebLogic Server/UDDI and Xquery Support,WebLog
ic Server/Evaluation Database,WebLogic Server/Workshop Code
Completion Support
BEAHome: D:\Oracle\Middleware
ProductHome: D:\Oracle\Middleware\wlserver_10.3
PatchSystemDir: D:\Oracle\Middleware\utils\bsu
PatchDir: D:\Oracle\Middleware\patch_wls1036
Profile: Default
DownloadDir: d:\Oracle\Middleware\utils\bsu\cache_dir
JavaHome: D:\Oracle\Middleware\jdk160_29
JavaVersion: 1.6.0_29
JavaVendor: Sun

Patch ID: FMJJ
PatchContainer: FMJJ.jar
Checksum: 591477727
Severity: optional
Category: General
CR/BUG: 26519424
Restart: true
Description: WLS PATCH SET UPDATE 10.3.6.0.171017 WLS PATCH SET UPDATE 10.3.6.0.171017

java weblogic.version

In the following example output, 10.3.6.0.171017 is the installed WebLogic Server PSU.

WebLogic Server 10.3.6.0.171017 PSU Patch for BUG26519424

这时候启动weblogic,在标准输出中也可以看到加载了新补丁:
<2015-10-26 下午02时43分41秒 CST> <Info> <Management> <BEA-141107> <Version: WebLogic Server 10.3.6.0.12 PSU P
atch for BUG20780171 THU JUN 18 15:54:42 IST 2015

原文地址:https://www.cnblogs.com/hmwh/p/8656259.html

时间: 2024-10-08 20:50:39

WEBLOGIC 11G (10.3.6) windows PSU 升级10.3.6.0.171017(Java 反序列化漏洞升级)的相关文章

weblogic打补丁修复JAVA反序列化漏洞 &nbsp; &nbsp; &nbsp;

之前一篇文章记录部署web代理修复漏洞通过部署web代理来修复JAVA反序列化漏洞,这篇通过打补丁来修复这个漏洞.详见(Doc ID 2075927.1) 系统环境如下所示: OS:Oracle Linux Server release 6.1 64bit Weblogic:10.3.6 具体操作如下步骤所示: 1.备份备份备份 2.一切操作安装补丁README来 2.1 更新PSU 2.2 打补丁 1.备份 做好备份工作,无论是否可以回退,保证有备份 2.上传PSU weblogic补丁上传,

weblogic服务器部署web代理修复weblogic的JAVA反序列化漏洞

近日乌云发邮件提示公司的某系统存在漏洞,有关weblogic,详细信息参考http://drops.wooyun.org/papers/13244 修复方法http://drops.wooyun.org/web/13470 本次使用Apache作为代理进行处理,也就是在weblogic服务器安装web(Apache或者nginx)代理应用,使web代理监听原有weblogic监听的端口,并且将http请求转发给本机的weblogic进行处理.详细操作如下所示 OS:Oracle Linux 6.

WebLogic反序列化漏洞导致getshell

本文主要是讲述在主机渗透中我们经常使用的一条路径(存活判断-端口扫描-端口删选(web端口)-针对性渗透(web渗透))进行渗透,其中主要涉及发现漏洞.利用漏洞.获取上传位置等过程中自己的一点经验技巧.简单来说,本文主要是对某主机进行渗透的全过程记录!如有不合理或错误的地方,烦请各位多多指教,谢谢! 1.1    主机存活判断 当我们得到一个主机IP时,我们首先对它进行存活判断,最简单的就是通过ping命令,但是如果主机是禁ping那么我们可能会判断失误,因此我们需要使用nmap来再次进行存活判

CentOS 6下gcc升级的操作记录(由默认的4.4.7升级到6.4.0版本)

机房一台centos6.9机器部署了jenkins发布系统,开发人员在用node编译js,发现依赖的gcc版本低了,故需要将gcc升级到高版本(至少5.0版本以上),这里选择升级到6.4.0版本,下面是升级的操作记录: 1)查看系统版本 [[email protected] ~]# cat /etc/redhat-release CentOS release 6.9 (Final) 2)查看默认的gcc版本 [[email protected] ~]# gcc --version gcc (GC

weblogic AND jboss 反序列化漏洞

C:\Program Files\Java\jboss-4.2.3.GA\server\default\deploy\http-invoker.sar\invoker.war\WEB-INF server/$CONFIG/deploy/http-invoker.sar/http-invoker.war/WEB-INF/w eb.xml 文件,将标签中的 url-pattern 修改为/*,并注释掉其中的两个 http-method. 1.weblogic反序列化漏洞 通过java反序列化漏洞利用

windows环境下10.2.0.1到11gr2 迁移升级

windows 环境下 10g 数据库到11g 数据库迁移 一.10g 环境做好迁移准备 在数据库中创建test表,并插入一条数据以便确认迁移是否成功 SQL> create table test(id number,name varchar(20)); SQL> insert into test(id,name) values(1,'test' 由于10.2.0.1版本不能直接升级到11gr2,所以需要先将源数据库升级为10.2.0.2 登陆rman C:\Documentsand Sett

WebLogic 10.3.6.0 升级反序列化漏洞补丁

由于最近比特币被炒到近乎不可思议的价格,所以网络上的肉鸡都被黑产们一个个培养成了挖矿鸡.今儿就聊聊如何进行WebLogic10的反序列化漏洞的升级方法. 1.修改bsu.sh 把内存调大vi /home/weblogic/bea/utils/bsu/bsu.sh把这段修改成MEM_ARGS="-Xms1G -Xmx2G"2.下载补丁mkdir -p /home/weblogic/bea/utils/bsu/cache_dir把最新补丁包CVE-2017-10271p26519424_1

探索Oracle之数据库升级四 11.2.0.4.0 PSU 11.2.0.4.3

探索Oracle之数据库升级四 11.2.0.4.0 PSU 11.2.0.4.3   一.  检查当前数据库PSU号: [[email protected] ~]$ cd/DBSoft/Product/11.2.4/db_1/OPatch/ [[email protected] OPatch]$ ls crs docs emdpatch.pl jlib ocm opatch opatch.bat opatchdiag opatchdiag.bat opatch.ini opatch.pl op

Oracle 10.2.0.5 RMAN迁移并升级11.2.0.4一例

一.环境介绍 1. 源数据库环境 操作系统版本: OEL 5.4 x64数据库版本  : 10.2.0.5 x64数据库sid名 : orcl Oracle 10g 10.2.0.5(64bit)安装目录如下: 数据库软件:/u01/app/oracle/product/10.2.0/db_1数据库文件:/u01/app/oracle/oradata/orcl 归档目录:/u01/archivelog RMAN目录:/backup/dbbak/orabak 背景:一个老oracle10g数据库,