Oracle Issues High Risk SSL Security Alert
Oracle has issued an alert (PDF) detailing high risk security holes affecting all SSL products in the Oracle9i Application Server, the Oracle9i and Oracle8i Database Servers, and Oracle HTTP server. "Any client that is able to access the server may exploit the vulnerabilities," the company said in its alert.
The patches address security issues in OpenSSL that were outlined on our site last month, and originally published by NISCC on Sept. 30. Fixes for these problems are available in the latest versions of OpenSSL (0.9.6k and 0.9.7c).
OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) protocols as well as a general purpose cryptography library.
Topically, the host involved in todays fraud attack on National Westminster was, according to the published Apache module line running a vulnerable version of OpenSSL.
Digg
Slashdot
Reddit
StumbleUpon
Delicious
Technorati
Posted by Rich Miller at 8 December 2003
in Security
|
Print this Page
| Rackspace Managed Hosting - Web Hosting - Hosting | Swishmail.com Business Email Hosting | Dedicated Servers - Apollo Hosting |
| INetU Managed Hosting - Dedicated Servers | DataPipe - Personal Touch, Global Reach | Website Hosting - Website Source - Ecommerce, VPS |
| Reseller hosting Managed dedicated server Ahosting | Web Hosting and Reseller Hosting By HostDepartment | Web Hosting UK - VPS Hosting Dedicated Server |
| Web Site Hosting - Network Solutions | Simplicato Email Hosting | Windows Dedicated Servers from Server Intellect |
| Heart Internet Web Hosting UK & Reseller Hosting | ||
Advertising on Netcraft
Copyright © Netcraft Ltd 2008. All Rights Reserved.