remote denial-of-service in openssl

ID SUSE-SA:2003:043
Type suse
Reporter Suse
Modified 2003-10-01T17:18:32


OpenSSL is an implementation of the Secure Socket Layer (SSL v2/3) and Transport Layer Security (TLS v1) protocol. While checking the openssl implementation with a tool-kit from NISCC several errors were revealed most are ASN.1 encoding issues that causes a remote denial-of-service attack on the server side and possibly lead to remote command execution.