AService Log Error - Possible STARTTLS Pipeline Attack From <ip address>
Last updated on APRIL 04, 2018
Applies to:Oracle Communications Messaging Server - Version 8.0.2 and later
Information in this document applies to any platform.
Using: Oracle Communications Messaging Server 220.127.116.11.20180130
Seeing the following error on the MMP:
1. Are these indicators of an attempted attack to exploit CVE-2011-0411?
2. If so, did Messaging Server block this "attack" by not honoring plaintext commands pipelined after STARTTLS (hence the log messages), or not?
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
Million Knowledge Articles and hundreds of Community platforms