CVE-2016-2177
CVE-2016-2177
OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.
Productos afectados
n/a · n/a¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →Referencias
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.htmlhttp://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.htmlhttp://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html