CVE-2013-6449

2013-12-23T22:55:00
ID CVE-2013-6449
Type cve
Reporter cve@mitre.org
Modified 2018-10-09T19:34:00

Description

The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client.