Lucene search

K
freebsdFreeBSD00B0D8CD-7097-11E2-98D9-003067C2616F
HistoryFeb 05, 2013 - 12:00 a.m.

OpenSSL -- TLS 1.1, 1.2 denial of service

2013-02-0500:00:00
vuxml.freebsd.org
19

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.183 Low

EPSS

Percentile

96.2%

OpenSSL security team reports:

A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1
and TLS 1.2 on AES-NI supporting platforms can be exploited in a
DoS attack.
A flaw in the OpenSSL handling of OCSP response verification can
be exploited in a denial of service attack.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchopenssl< 1.0.1_6UNKNOWN

5 Medium

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.183 Low

EPSS

Percentile

96.2%