Software firm Oracle has dished out an out-of-cycle patch to fix a critical denial-of-service (DoS) vulnerability in its open source Apache web server software.
The security update affects versions HTTPD 2.0 and 2.2 along with all Oracle server products based on it, such as Fusion Middleware, Enterprise Manager and Application Server.
The CVE-2011-3192 DoS vulnerability could be used by cyber criminals remotely to crash a system over a network event without account credentials.
Warning users of Apache web server, Oracle said, "This vulnerability may be remotely exploitable without authentication - it may be exploited over a network without the need for a username and password."
The company strongly recommended that customers must apply the security patch at the earliest as a successful attack could pose serious threat.
It was only the fifth time that Oracle had rolled out a security patch outside the quarterly update schedule that it started in 2005.
Recently, Adobe and Microsoft also announced security updates to fix critical vulnerabilities in their products.
Related News
- Microsoft to issue critical update for Windows Server next week
- Microsoft Releases Patch to Save Users from Cyber Attacks
- Microsoft to release two ‘critical’ security bulletins this Patch Tuesday
- Microsoft dives on 34 security issues
- Microsoft Patch Tuesday to comprise 11 security bulletins for fixing 25 vulnerabilities
- Microsoft issues “out of band” security patch to fix Windows flaw
- Microsoft testing a patch to address critical flaw affecting IE6 and IE7
