Oracle Ups Status On SSL Vulnerability Alert
Oracle issued a high severity security alert warning, of Secure Sockets Layer (SSL) vulnerabilities, that will require users to immediately apply patch fixes to systems at risk.
Oracle released a detailed security alert on Thursday. The cautionary note addresses SSL vulnerabilities detailed in CERT Advisory CA-2003-26, and SSL vulnerabilities detailed in several older Common Vulnerabilities and Exposures (CVE) Candidates.
The company justified the alert upgrade, citing the fact that a number of its server products could be tampered with, by exploiting vulnerabilities via the OpenSSL protocol.
According to Oracle, the risk to exposure is high. Any client that is able to access the server may exploit the vulnerabilities, and the flaws could potentially open the door for a remote hacker to launch a denial-of-service (DoS) attack, execute malicious code, and gain access privileges.
This vulnerability affects all products that use SSL and accept client certificates in the Oracle9i Application Server, the Oracle9i Database Server, and the Oracle8i Database Server
OpenSSL is an open source deployment of the SSL and Transport Layer Security (TLS) protocols. The protocols offer encryption, authentication, and other security measures to HTTP and other network applications.
To minimize risk, Oracle recommended that users apply patches since no workarounds exist that fully address the potential security vulnerabilities. Patches for the security vulnerabilities are available on Oracle’s support Web site, MetaLink.
- Battling Cyber Risks With Intelligent Automation
- Ensuring A Secured Blockchain Ecosystem
- Cyber GCCs In India At The Cusp Of Transformation
- Have We Learnt A Lesson From Facebook-Cambridge Analytica Crisis?
- Firms Unable To Cope With Security Skill Gap, Vendor Sprawl: Study
- Why VPN Services Are Getting More And More Popular
- 5 Ways To Create A CX-First Culture For Executives
- Indians Lack Awareness Of Malicious Cryptomining: Study
- Despite Potential, AI Has Many Issues To Be Sorted
- The Digital Messiah: Inside Accenture's Innovation Hub