Date: 08 December 2003
Click here for printable version
Click here for PGP verifiable version
-----BEGIN PGP SIGNED MESSAGE-----
AusCERT Update AU-2003.021 - Oracle updates to correct TSL/SSL
vulnerabilities
08 December 2003
Product: Oracle9i Database Server Release 2, Version 9.2.0
Oracle9i Database Server Release 1, Version 9.0.1
Oracle8i Database Server Release 3, Version 8.1.7
Oracle9i Application Server Version 9.0.2
Oracle9i Application Server Version 9.0.3
Oracle9i Application Server Release 1, Version 1.0.2.2
Oracle9i Application Server Release 1, Version 1.0.2.1s
Oracle HTTP Server Version 9.2
Oracle HTTP Server Version 9.0.1
Oracle HTTP Server Version 8.1.7
Publisher: Oracle
Impact: Execute Arbitrary Code/Commands
Denial of Service
Access Required: Remote
CVE Names: CAN-2003-0543, CAN-2003-0544, CAN-2003-0545,
CVE-2002-0082, CAN-2003-0078, CAN-2003-0147,
CAN-2003-0131
Ref: AL-2003.18
Original Bulletin:
http://otn.oracle.com/deploy/security/pdf/2003alert62.pdf
Regards,
The AusCERT Team
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBP9QfySh9+71yA2DNAQHY5AP7BGPSVzfGqN88tyCsyGgKYPbsCU6Eq/mo
SMfRRPSkHwT1TL2IfR5F1RUlXp82WVaZCPCe+Qcq+4fQ/BsG1i5Hji1Cs3o5tHTT
btWx+M2ZioEu5R0BU6OfgD3oR6WlmvATpmdtug2/2gvGt5oWoWvcaAjfZlhIthyU
EUjoG3S7LR8=
=Pbes
-----END PGP SIGNATURE-----
|