SUSE CVE-2014-3505

Double free vulnerability in d1both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service application crash via crafted DTLS packets that trigger an error condition...

The vulnerability of Cisco IPS software allows a malicious actor to trigger a service failure.

The vulnerability in the dtls1getmessagefragment function in d1both.c of OpenSSL allows malicious actors to induce a service failure recursion and abnormal client termination by using the DTLS hello message in an invalid manner...

DEBIAN-CVE-2014-3505

Double free vulnerability in d1both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service application crash via crafted DTLS packets that trigger an error condition...

Design/Logic Flaw

Use-after-free vulnerability in the dtls1retrievebufferedfragment function in ssl/d1both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service openssl sclient crash and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server tha...