December 05, eWEEK
Oracle issued a high severity security alert warning Thursday, December 4, confirming that a variety of its server products could be tampered with through vulnerabilities via the OpenSSL protocol. The flaws could potentially open the door for a remote hacker to cause a denial−of−service (DoS) attack, execute arbitrary code, and gain access privileges. The notification addresses SSL vulnerabilities detailed in CERT Advisory CA−2003−26 and SSL vulnerabilities detailed in several older Common Vulnerabilities and Exposures (CVE) Candidates. Products concerned with the vulnerability include certain releases of Oracle9i Database Server, Oracle8i Database Server, Oracle9i Application Server, and Oracle HTTP Server. Additional information is available on Oracle's Website: http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf
Source: http://www.eweek.com/article2/0,4149,1405700,00.asp
Oracle issued a high severity security alert warning Thursday, December 4, confirming that a variety of its server products could be tampered with through vulnerabilities via the OpenSSL protocol. The flaws could potentially open the door for a remote hacker to cause a denial−of−service (DoS) attack, execute arbitrary code, and gain access privileges. The notification addresses SSL vulnerabilities detailed in CERT Advisory CA−2003−26 and SSL vulnerabilities detailed in several older Common Vulnerabilities and Exposures (CVE) Candidates. Products concerned with the vulnerability include certain releases of Oracle9i Database Server, Oracle8i Database Server, Oracle9i Application Server, and Oracle HTTP Server. Additional information is available on Oracle's Website: http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf
Source: http://www.eweek.com/article2/0,4149,1405700,00.asp