Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Critical Oracle flaw found

Dec 10, 2003 11:54PM PST

By Iain Thomson [11-12-2003]
Versions 8 and 9 of several software lines at risk

Oracle has warned its customers of critical flaws in the security technology of some of its application and database server products.
The flaws are in the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) of Oracle 8i and 9i Database Server, Oracle 9i Application Server, and versions 8 and 9 of the Oracle HTTP Server.

If exploited, the flaws can allow a client to take over the server.

In a statement, the company said: "Oracle is informing customers about SSL vulnerabilities detailed in Cert Advisory CA-2003-26 and SSL vulnerabilities detailed in several older Common Vulnerabilities and Exposures candidates.

http://www.vnunet.com/News/1151481

Discussion is locked