OpenSSL Patches Denial of Service Flaws
17th March, 2004
The OpenSSL Project has issued patches to fix flaws that could leave secure servers open to denial of service attacks. These vulnerabilities have been fixed in OpenSSL 0.9.6m and 0.9.7d, available from the project's web site.
OpenSSL is an open source toolkit implementing the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, and is used in security products from numerous vendors. Cisco has already released an advisory for customers, while Oracle and Symantec say none of their OpenSSL-based products are affected. OpenSSL is also used in products from IBM, FreeBSD, Red Hat, SUSE and others. The advisory from UK's National Infrastructure Security Co-ordination Centre (NISCC) includes an updated list of vendor responses.
Last summer the NISCC identified several similar vulnerabilities in OpenSSL. In December, Oracle issued a critical update to address security holes in its implementation of OpenSSL.
Posted by Rich Miller in Security
Related News
Netcraft Toolbar Day 1 Summary
29 Dec 2004
Security
Development of a Firefox version of the toolbar is underway, and started just before Xmas. We will make it available as soon as we can. Filtering of some suspicious characters was too aggressive and actually blocked some urls on benign sites including...
View full post
Netcraft Toolbar Tutorial
29 Dec 2004
Netcraft Services, Security
The Netcraft Toolbar uses Netcraft's databases of web site information to show you all the attributes of each site you visit on the Web, including the site's hosting location, country, longevity and popularity. The Toolbar is compatible with Microsoft...
View full post
Netcraft Anti-Phishing Toolbar Available for Download
28 Dec 2004
Netcraft Services, Security
The Netcraft Toolbar uses Netcraft's enormous databases of web site information to show you all the attributes of each site you visit on the Web, including the sites' hosting location, country, longevity and popularity. It also mobilizes the Netcraft...
View full post