OpenSSL -- Remote Data Injection / DoS

2010-02-09T00:00:00
ID 0B8D7194-CA88-11E3-9D8D-C80AA9043978
Type freebsd
Reporter FreeBSD
Modified 2016-08-09T00:00:00

Description

Applications that use SSL_MODE_RELEASE_BUFFERS, such as nginx, are prone to a race condition which may allow a remote attacker to inject random data into other connections.