CVE-2011-0014
ssl/t1_lib.c in OpenSSL 0.9.8h through 0.9.8q and 1.0.0 through 1.0.0c allows remote attackers to cause a denial of service (crash), and possibly obtain sensitive information in applications that use OpenSSL, via a malformed ClientHello handshake message that triggers an out-of-bounds memory access, aka "OCSP stapling vulnerability."
Affected products
n/a · n/a
References
http://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2011-002.txt.asc
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02794777
http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-February/054007.html
http://lists.opensuse.org/opensuse-security-announce/2011-04/msg00000.html
http://marc.info/?l=bugtraq&m=130497251507577&w=2
http://marc.info/?l=bugtraq&m=131042179515633&w=2
http://osvdb.org/70847
http://secunia.com/advisories/43227
http://secunia.com/advisories/43286
http://secunia.com/advisories/43301
http://secunia.com/advisories/43339