65 matches found
DEBIAN-CVE-2013-1586
The fragmentsettotlen function in epan/reassemble.c in Wireshark 1.6.x before 1.6.13 and 1.8.x before 1.8.5 does not properly determine the length of a reassembled packet for the DTLS dissector, which allows remote attackers to cause a denial of service application crash via a malformed packet...
OpenSSL DTLS ChangeCipherSpec Remote DoS
This module performs a Denial of Service Attack against Datagram TLS in OpenSSL version 0.9.8i and earlier. OpenSSL crashes under these versions when it receives a ChangeCipherspec Datagram before a ClientHello. This module requires Metasploit: https://metasploit.com/download Current source:...
CentOS 5 : openssl (CESA-2009:1335)
Updated openssl packages that fix several security issues, various bugs, and add enhancements are now available for Red Hat Enterprise Linux 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. OpenSSL is a toolkit that implements the Secure...
RedHat Security Advisory RHSA-2009:1335
The remote host is missing updates announced in advisory RHSA-2009:1335. OpenSSL is a toolkit that implements the Secure Sockets Layer SSL v2/v3 and Transport Layer Security TLS v1 protocols, as well as a full-strength general purpose cryptography library. Datagram TLS DTLS is a protocol based on...
OpenSSL: DTLS pointer use-after-free flaw (DoS)
Use-after-free vulnerability in the dtls1retrievebufferedfragment function in ssl/d1both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service openssl sclient crash and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server tha...