Database Journal
MS SQL Oracle DB2 Access MySQL PostgreSQL Sybase PHP SQL Etc SQL Scripts & Samples Links Database Forum

» Database Journal Home
» Database Articles
» Database Tutorials
MS SQL
Oracle
DB2
MS Access
MySQL
» RESOURCES
Database Tools
SQL Scripts & Samples
Links
» Database Forum
» Sitemap
Free Newsletters:
DatabaseDaily  
News Via RSS Feed


follow us on Twitter
Database Journal |DBA Support |SQLCourse |SQLCourse2
 

Featured Database Articles

Database News

Posted Dec 5, 2003

Oracle: SSL Update for CERT CA200326 and older SSL issues

By DatabaseJournal.com Staff

[From Oracle Technology Network]

This alert addresses SSL vulnerabilities detailed in CERT Advisory CA200326, and SSL vulnerabilities detailed in several older Common Vulnerabilities and Exposures (CVE) candidates , as follows:

  • CERT CA200326 documents SSL vulnerabilities that can be exploited when carefully crafted X.509 certificates are presented by clients, even when X.509 client certificates are not enabled. The CVE numbers for these issues are CAN20030544 and CAN20030545.
  • CERT CA200326 also documents a vulnerability that is only present when processing of X.509 client certificates is enabled. The CVE number for this issue is CAN20030543. This vulnerability affects all products that use SSL and accept client certificates in the Oracle9i Application Server, the Oracle9i Database Server, and the Oracle8i Database Server.
  • The patches provided in this alert also fix the following older CVE issues: CVE20020082, CAN20030078, CAN20030147, and CAN20030131.

Multiple database, application and HTTP servers are affected.

The article continues at http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf



Database News Archives

Comment and Contribute

 


(Maximum characters: 1200). You have characters left.

 

 




Latest Forum Threads
Database News Forum
Topic By Replies Updated
Efficient SQL Server Indexing by Design lcole 0 April 30th, 12:38 PM
Mine Oracle Database, SQL Server and Other Databases with Monarch Data Pump Pro V10.5 lcole 0 April 30th, 12:37 PM
Oracle Database and Oracle Fusion Middleware for Private Social Network Application lcole 0 April 30th, 12:31 PM
Oracle Database Maintains a Stronghold in the DBMS Market lcole 0 April 30th, 12:30 PM