OpenSSL -- NULL pointer dereference / DoS

2014-05-02T00:00:00
ID 1959E847-D4F0-11E3-84B0-0018FE623F2B
Type freebsd
Reporter FreeBSD
Modified 2016-08-09T00:00:00

Description

OpenBSD and David Ramos reports:

Applications that use SSL_MODE_RELEASE_BUFFERS, such as nginx/apache, are prone to a race condition which may allow a remote attacker to crash the current service.