3 matches found
openssl: Invalid TLS/SSL session tickets could cause memory leak leading to server crash
A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server...
openssl: Invalid TLS/SSL session tickets could cause memory leak leading to server crash
A memory leak flaw was found in the way an OpenSSL handled failed session ticket integrity checks. A remote attacker could exhaust all available memory of an SSL/TLS or DTLS server by sending a large number of invalid session tickets to that server...
CVSTrac Invalid Ticket DoS
The remote host seems to be running cvstrac, a web-based bug and patch-set tracking system for CVS. This version contains a flaw related to invalid tickets that may allow an attacker to cause the application to crash. An attacker, exploiting this flaw, would be able to remotely shut down the...