Running Middleware apps with non-root user on privileged ports < 1024 on Solaris

In Solaris 9 and above, non root users can open ports < 1024 with the below command: # su – # /usr/sbin/usermod -K defaultpriv=basic,net_privaddr <userId> Also this needs to be run once by root user, after this user will be able to bind to any available port & there will be no restriction

Heartbleed Bug affecting Weblogic websphere apache & other middleware application / web servers ?

So we all are hearing various news about Heartbleed Bug, so let’s see which of our middleware application servers are affected by this:

Here is an brief review of the Bug -CVE-2014-0160:

“OpenSSL could allow a remote attacker to obtain sensitive information, caused by an error in the TLS/DTLS heartbeat functionality. An attacker could exploit this vulnerability to expose 64k of private memory and retrieve secret keys. An attacker can repeatedly expose additional 64k chunks of memory. This vulnerability can be remotely exploited, authentication is not required and the exploit is not complex. An exploit can only partially affect the confidentially, but not integrity or availability..”

Read more about Heartbleed Bug affecting Weblogic websphere apache & other middleware application / web servers ?