Skip to main content

OpenSSL Deny Service Vulnerability

Last Update Date: 7 May 2014 Release Date: 5 May 2014 3722 Views

RISK: High Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

A vulnerability was identified in OpenSSL. A remote user can cause denial of service conditions.

 

A remote user can send specially crafted data to trigger a null pointer dereference in do_ssl3_write() and cause the target service to crash.

 

The vulnerability resides in 'ssl/s3_pkt.c'.

 

NOTE: There is no patch available for this vulnerability.


Impact

  • Denial of Service

System / Technologies affected

  • Version 1.0.1g and prior versions

Solutions

  • NOTE: There is no patch available for this vulnerability.

Vulnerability Identifier


Source


Related Link