Computer Security
[EN] securityvulns.ru no-pyccku


OpenSSL DoS
Published:15.02.2011
Source:
SecurityVulns ID:11435
Type:library
Threat Level:
6/10
Description:Uninitialized memory reference on ClientHello request parsing.
CVE:CVE-2011-0014 (ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability.")
Original documentdocumentDEBIAN, [SECURITY] [DSA 2162-1] openssl security update (15.02.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod