CVE-2014-3513

EPSS 36.3%

Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.

Produtos afetados

n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc http://advisories.mageia.org/MGASA-2014-0416.html http://aix.software.ibm.com/aix/efixes/security/openssl_advisory11.asc http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html http://lists.opensuse.org/opensuse-security-announce/2014-10/msg00008.html http://lists.opensuse.org/opensuse-security-announce/2014-11/msg00001.html http://marc.info/?l=bugtraq&m=142118135300698&w=2 http://marc.info/?l=bugtraq&m=142495837901899&w=2 http://marc.info/?l=bugtraq&m=142624590206005&w=2 http://marc.info/?l=bugtraq&m=142791032306609&w=2 http://marc.info/?l=bugtraq&m=142804214608580&w=2 http://marc.info/?l=bugtraq&m=142834685803386&w=2