
OpenSSL Patches Denial of Service Flaws

The OpenSSL Project has issued patches to fix flaws that could leave secure servers open to denial of service attacks. These vulnerabilities have been fixed in OpenSSL 0.9.6m and 0.9.7d, available from the project's web site.

OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, and is used in security products from numerous vendors. Cisco has already released an advisory for customers, while Oracle and Symantec say none of their OpenSSL-based products are affected. OpenSSL is also used in products from IBM, FreeBSD, Red Hat, SUSE and others. The advisory from the UK's National Infrastructure Security Co-ordination Centre (NISCC) includes an updated list of vendor responses.

Last summer the NISCC identified several similar vulnerabilities in OpenSSL. In December, Oracle issued a critical update to address security holes in its implementation of OpenSSL.

Posted by Rich Miller on 17th March, 2004 in Security