Oracle Ups Status On SSL Vulnerability Alert
Oracle issued a high severity security alert warning, of Secure Sockets Layer (SSL) vulnerabilities, that will require users to immediately apply patch fixes to systems at risk.
Oracle released a detailed security alert on Thursday. The cautionary note addresses SSL vulnerabilities detailed in CERT Advisory CA-2003-26, and SSL vulnerabilities detailed in several older Common Vulnerabilities and Exposures (CVE) Candidates.
The company justified the alert upgrade, citing the fact that a number of its server products could be tampered with, by exploiting vulnerabilities via the OpenSSL protocol.
According to Oracle, the risk to exposure is high. Any client that is able to access the server may exploit the vulnerabilities, and the flaws could potentially open the door for a remote hacker to launch a denial-of-service (DoS) attack, execute malicious code, and gain access privileges.
This vulnerability affects all products that use SSL and accept client certificates in the Oracle9i Application Server, the Oracle9i Database Server, and the Oracle8i Database Server
OpenSSL is an open source deployment of the SSL and Transport Layer Security (TLS) protocols. The protocols offer encryption, authentication, and other security measures to HTTP and other network applications.
To minimize risk, Oracle recommended that users apply patches since no workarounds exist that fully address the potential security vulnerabilities. Patches for the security vulnerabilities are available on Oracle’s support Web site, MetaLink.
- Password Protected Wi-Fi Is Also Prone To Hacks: Study
- The 10 Best Companies For Women In India
- Delving Into The ABC Of Cyber Security
- Large-Scale IoT Projects Doubled In Last One Year: Study
- Weekly Rewind: Top 10 Stories On CXOToday (Oct 9-13)
- There's No Stopping The IoT Growth; Here's Why
- Weekly Rewind: Top 10 Stories On CXOToday (Oct 2-6)
- Gartner: Top 10 Strategic Tech Trends For 2018
- Are You Choosing The Best Software For Your Business?
- Insider Threats and Its Impact On Data Security