SUSE CVE-2014-3513

Memory leak in d1srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service memory consumption via a crafted handshake message...

Denial Of Service (DoS) Through Memory Consumption

OpenSSL is vulnerable to denial of service DoS attacks. These attacks are possible because there is a memory leak in d1srtp.c which allows remote attackers to consume all the memory through a handshake message...

CVE-2014-9424

CVE-2014-9424 affects LibreSSL prior to 2.1.2. The vulnerability is a double-free in ssl_parse_clienthello_use_srtp_ext() within d1_srtp.c, which can trigger a length-verification error during DTLS handshake and may cause a denial of service (or unspecified impact). The issue is fixed by upgradin...

CVE-2014-3513

CVE-2014-3513 concerns OpenSSL 1.0.1 to 1.0.1j with a memory-leak in the DTLS SRTP extension parser (d1_srtp.c). A crafted handshake can exhaust memory and trigger a DoS. Several vendors/advisories (IBM AIX, F5 BIG-IP, Debian) document the issue and indicate affected OpenSSL server implementation...