Oracle patches security flaws
Oracle has issued a security alert and software patches for a set of serious vulnerabilities in the security protocols used by some of its server products.
The flaws affect certain versions of Oracle's 8i and 9i Database Server, Oracle 9i Application Server, and versions 8 and 9 of the Oracle HTTP Server, according to the alert, which is dated December 4.
Any client that can access an affected Oracle server could exploit the vulnerabilities, according to the alert, which characterizes users' risk of exposure from the vulnerability as "high." Oracle "strongly recommends" that users apply patches for these vulnerabilities and said there were no alternate workarounds to correct the issues.
[ Read more ]