OpenSSL Patches Denial of Service Flaws
The OpenSSL Project has issued patches to fix flaws that could leave secure servers open to denial of service attacks. These vulnerabilities have been fixed in OpenSSL 0.9.6m and 0.9.7d, available from the project's web site.
OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, and is used in security products from numerous vendors. Cisco has already released an advisory for customers, while Oracle and Symantec say none of their OpenSSL-based products are affected. OpenSSL is also used in products from IBM, FreeBSD, Red Hat, SUSE and others. The advisory from UK's National Infrastructure Security Co-ordination Centre (NISCC) includes an updated list of vendor responses.
Last summer the NISCC identified several similar vulnerabilities in OpenSSL. In December, Oracle issued a critical update to address security holes in its implementation of OpenSSL.
Digg
Slashdot
Reddit
StumbleUpon
Delicious
Technorati
Posted by Rich Miller at 17 March 2004
in Security
|
Print this Page
| Rackspace Managed Hosting - Web Hosting - Hosting | Swishmail.com Business Email Hosting | Compare the Best Web Hosting Companies |
| INetU Managed Hosting - Dedicated Servers | Windows Dedicated Servers from Server Intellect | Reseller hosting Managed dedicated server Ahosting |
| Business Web Hosting Services - webhosting.uk.com | Web Hosting - Dedicated Servers & VPS Hosting | Managed Hosting - PCI Compliance by NeoSpire |
Advertising on Netcraft
Copyright © Netcraft Ltd 2009. All Rights Reserved.