2 matches found
PT-2015-1688 · Openssl +1 · Openssl +3
Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.0.2 through 1.0.2a excluding 1.0.2a Description: The issue allows remote attackers to cause a denial of service daemon crash via a ClientKeyExchange message with a length of zero, when client authentication and an ephemeral...
PT-2015-1683 · Openssl +1 · Openssl +3
Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.0.2 through 1.0.2a excluding 1.0.2a Description: The issue is related to the dtls1 listen function in OpenSSL, which does not properly isolate state information of independent data streams. This can be exploited by a remote...