Care in the Community
Read on for the latest news, features and happenings for ZDNet.co.uk members from your very own community editor.
Tuesday 29 July 2008, 5:28 PM
Oracle sounds alarm over serious WebLogic flaw
Oracle has posted a security warning about a vulnerability in the Apache component of its WebLogic Server, even though it doesn't have a patch ready yet. It's taken the rare step of making an out-of-cycle security alert because information on the flaw and exploit code for it are already circulating online, it said in a statement on Monday.
Adding to the risk is that the flaw can be exploited over a network without authentication, which means an attacker doesn't need to know a valid username or password.
The software maker says it will release an unscheduled patch as soon as it has a fix, and is urging customers to use its recommended workaround until then.
Adding to the risk is that the flaw can be exploited over a network without authentication, which means an attacker doesn't need to know a valid username or password.
The software maker says it will release an unscheduled patch as soon as it has a fix, and is urging customers to use its recommended workaround until then.
Previous
