OpenSSL Patches Denial of Service Flaws
The OpenSSL Project has issued patches to fix flaws that could leave secure servers open to denial of service attacks. These vulnerabilities have been fixed in OpenSSL 0.9.6m and 0.9.7d, available from the project's web site.
OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, and is used in security products from numerous vendors. Cisco has already released an advisory for customers, while Oracle and Symantec say none of their OpenSSL-based products are affected. OpenSSL is also used in products from IBM, FreeBSD, Red Hat, SUSE and others. The advisory from UK's National Infrastructure Security Co-ordination Centre (NISCC) includes an updated list of vendor responses.
Last summer the NISCC identified several similar vulnerabilities in OpenSSL. In December, Oracle issued a critical update to address security holes in its implementation of OpenSSL.
Digg
Slashdot
Reddit
StumbleUpon
Delicious
Technorati
Posted by Rich Miller at 17 March 2004
in Security
|
Print this Page
| Rackspace Managed Hosting - Web Hosting - Hosting | Swishmail.com Business Email Hosting | Dedicated Servers - Apollo Hosting |
| INetU Managed Hosting - Dedicated Servers | DataPipe - Personal Touch, Global Reach | Website Hosting - Website Source - Ecommerce, VPS |
| Reseller hosting Managed dedicated server Ahosting | Web Hosting and Reseller Hosting By HostDepartment | Web Hosting UK - VPS Hosting Dedicated Server |
| Web Site Hosting - Network Solutions | Simplicato Email Hosting | Windows Dedicated Servers from Server Intellect |
Advertising on Netcraft
Copyright © Netcraft Ltd 2008. All Rights Reserved.