go -- remote denial of service

2016-04-05T00:00:00
ID F2217CDF-01E4-11E6-B1CE-002590263BF5
Type freebsd
Reporter FreeBSD
Modified 2016-04-05T00:00:00

Description

Jason Buberel reports:

Go has an infinite loop in several big integer routines that makes Go programs vulnerable to remote denial of service attacks. Programs using HTTPS client authentication or the Go ssh server libraries are both exposed to this vulnerability.