OpenSSL -- DTLS and TLS 1.1, 1.2 denial of service

2012-05-10T00:00:00
ID DBA5D1C9-9F29-11E1-B511-003067C2616F
Type freebsd
Reporter FreeBSD
Modified 2012-05-10T00:00:00

Description

OpenSSL security team reports:

A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and DTLS can be exploited in a denial of service attack on both clients and servers.