Описание
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
| Релиз | Статус | Примечание |
|---|---|---|
| artful | released | 1.0.1f-1ubuntu7 |
| bionic | released | 1.0.1f-1ubuntu7 |
| cosmic | released | 1.0.1f-1ubuntu7 |
| devel | released | 1.0.1f-1ubuntu7 |
| disco | released | 1.0.1f-1ubuntu7 |
| esm-infra-legacy/trusty | not-affected | 1.0.1f-1ubuntu2.5 |
| esm-infra/bionic | not-affected | 1.0.1f-1ubuntu7 |
| esm-infra/xenial | not-affected | 1.0.1f-1ubuntu7 |
| lucid | released | 0.9.8k-7ubuntu8.20 |
| precise | released | 1.0.1-4ubuntu5.17 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| artful | DNE | |
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needed] |
| lucid | DNE | |
| precise | ignored | end of life |
| precise/esm | DNE | precise was needed |
| trusty | ignored | end of standard support |
Показывать по
EPSS
5 Medium
CVSS2
Связанные уязвимости
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, ...
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
Уязвимость программного обеспечения OpenSSL, позволяющая удаленному злоумышленнику нарушить доступность защищаемой информации
EPSS
5 Medium
CVSS2