openssl -- denial of service in DTLS implementation

2009-05-18T00:00:00
ID 82B55DF8-4D5A-11DE-8811-0030843D3802
Type freebsd
Reporter FreeBSD
Modified 2014-04-10T00:00:00

Description

Secunia reports:

Some vulnerabilities have been reported in OpenSSL, which can be exploited by malicious people to cause a DoS. The library does not limit the number of buffered DTLS records with a future epoch. This can be exploited to exhaust all available memory via specially crafted DTLS packets. An error when processing DTLS messages can be exploited to exhaust all available memory by sending a large number of out of sequence handshake messages.