Описание
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 1.0.1f-1ubuntu1 |
| lucid | not-affected | |
| precise | released | 1.0.1-4ubuntu5.11 |
| quantal | released | 1.0.1c-3ubuntu2.6 |
| raring | released | 1.0.1c-4ubuntu8.2 |
| saucy | released | 1.0.1e-3ubuntu1.1 |
| upstream | needs-triage |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | |
| lucid | DNE | |
| precise | not-affected | |
| quantal | not-affected | |
| raring | not-affected | |
| saucy | not-affected | |
| upstream | needs-triage |
Показывать по
4.3 Medium
CVSS2
Связанные уязвимости
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1. ...
The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.
Уязвимость операционной системы Gentoo Linux, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
4.3 Medium
CVSS2