4 matches found
K15147: OpenSSL vulnerability CVE-2013-6449
Security Advisory Description The sslgetalgorithm2 function in ssl/s3lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service daemon crash via crafted traffic from a TLS 1.2 client. CVE-2013-6449...
Denial Of Service (DoS)
OpenSSL is vulnerable to denial of service DoS attacks. These attacks are possible because the sslgetalgorithm2 function obtains a version number from an incorrect data structure crashing the daemon through traffic from a TLS 1.2 client...
OpenSSL ssl_get_algorithm2 TLS Denial of Service (CVE-2013-6449)
A denial of service vulnerability has been reported in OpenSSL. The vulnerability is due to an error in sslgetalgorithms2 where the SSL/TLS version is obtained from an incorrect structure leading to a NULL pointer dereference when computing a message digest. A remote unauthenticated attacker can...
CVE-2013-6449
The sslgetalgorithm2 function in ssl/s3lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service daemon crash via crafted traffic from a TLS 1.2 client...