{"id":2317,"date":"2003-12-09T00:00:00","date_gmt":"2003-12-09T00:00:00","guid":{"rendered":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2003\/12\/09\/oracle-patches-ssl-server-bugs\/"},"modified":"2021-12-30T11:41:04","modified_gmt":"2021-12-30T11:41:04","slug":"oracle-patches-ssl-server-bugs","status":"publish","type":"post","link":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/2003\/12\/09\/oracle-patches-ssl-server-bugs\/","title":{"rendered":"Oracle patches SSL server bugs"},"content":{"rendered":"<p>Oracle has issued a security alert and software patches for a set of serious vulnerabilities in the security protocols used by some of its server products.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The flaws exploit the ASN.1 (Abstract Syntax Notation 1) syntax notation used by the SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols, which are widely used for exchanging data securely on the internet.<\/p>\n<p>By submitting data that was purposefully constructed, a malicious client could, theoretically, gain control over certain servers running SSL or TLS software.<\/p>\n<p>Oracle could have reduced the risk presented by these bugs had it removed certain features from the OpenSSL software libraries included with its servers, according to Thor Larholm, a senior security researcher with PivX Solutions, a network security consultancy.<\/p>\n<p>More info: [url=http:\/\/www.computerweekly.com\/articles\/article.asp?liArticleID=127127&#038;liFlavourID=1&#038;sp=1]http:\/\/www.computerweekly.com\/articles\/article.asp?liArticleID=127127&#038;liFlavourID=1&#038;sp=1[\/url]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13],"tags":[],"class_list":["post-2317","post","type-post","status-publish","format-standard","hentry","category-warnings"],"_links":{"self":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2317","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/comments?post=2317"}],"version-history":[{"count":1,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2317\/revisions"}],"predecessor-version":[{"id":4804,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/posts\/2317\/revisions\/4804"}],"wp:attachment":[{"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/media?parent=2317"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/categories?post=2317"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.cybersecurityinstitute.com\/blog\/index.php\/wp-json\/wp\/v2\/tags?post=2317"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}