Vulnerability in OpenSSL (CVE-2014-3569)

2014-10-21T00:00:00
ID OPENSSL:CVE-2014-3569
Type openssl
Reporter OpenSSL
Modified 2014-10-21T00:00:00

Description

When openssl is built with the no-ssl3 option and a SSL v3 ClientHello is received the ssl method would be set to NULL which could later result in a NULL pointer dereference. Reported by Frank Schmirler.