CVE-2014-3488

Опубликовано: 31 июл. 2014

Источник: debian

EPSS Низкий

Описание

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
netty	not-affected			package
netty-3.9	fixed	3.9.9.Final-1		package

Примечания

https://bugzilla.redhat.com/show_bug.cgi?id=1107983 says only affects
3.9.0 and 3.9.1.
https://github.com/netty/netty/issues/2562
https://github.com/netty/netty/commit/2fa9400a59d0563a66908aba55c41e7285a04994

EPSS

Процентиль: 75%

0.00867

Низкий

Связанные уязвимости

CVE-2014-3488

ubuntu

больше 11 лет назад

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

CVE-2014-3488

redhat

больше 11 лет назад

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

CVE-2014-3488

nvd

больше 11 лет назад

The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.

GHSA-9959-6p3m-wxpc

github

больше 5 лет назад

Denial of service in Netty

EPSS

Процентиль: 75%

0.00867

Низкий