Lucene search

K

Veracode Vulnerability DatabaseVERACODE:23960

HistoryApr 10, 2020 - 12:41 a.m.

Denial Of Service (DoS)

2020-04-1000:41:58

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

10

EPSS

0.143

Percentile

95.7%

OpenSSL is vulnerable to denial of service flaw. NULL pointer dereference occurs in The mime_hdr_cmp function in crypto/asn1/asn_mime which allows a remote attacker to cause a DTLS server to use excessive amounts of memory, or crash on an invalid memory access or NULL pointer dereference.

References

cvs.openssl.org/chngview?cn=22144

marc.info/?l=bugtraq&m=133728068926468&w=2

marc.info/?l=openssl-dev&m=115685408414194&w=2

secunia.com/advisories/36533

secunia.com/advisories/48153

secunia.com/advisories/48516

secunia.com/advisories/48899

www.mail-archive.com/[email protected]/msg30305.html

www.openwall.com/lists/oss-security/2012/02/27/10

www.openwall.com/lists/oss-security/2012/02/28/14

www.redhat.com/security/updates/classification/#moderate

www.redhat.com/support/errata/RHSA-2009-1335.html

www.securityfocus.com/bid/52181

www.ubuntu.com/usn/USN-1424-1

access.redhat.com/errata/RHSA-2009:1335

bugzilla.novell.com/show_bug.cgi?id=748738

bugzilla.redhat.com/show_bug.cgi?id=798100

EPSS

0.143

Percentile

95.7%

Related for VERACODE:23960

ubuntucve2 openvas14 nvd4 nessus13 cve4 cvelist2 f54 debiancve2 prion1 securityvulns1 ubuntu1 aix1 centos1 redhat1 oraclelinux1 gentoo1 suse1 lenovo2