logo
DATABASE RESOURCES PRICING ABOUT US

Denial Of Service (DoS)

Description

openssl is vulnerable to denial of service. It was discovered that OpenSSL did not limit the number of TLS/SSL handshake restarts required to support Server Gated Cryptography. A remote attacker could use this flaw to make a TLS/SSL server using OpenSSL consume an excessive amount of CPU by continuously restarting the handshake.


Affected Software


CPE Name Name Version
openssl 0.9.8b__10.el5
openssl 0.9.8e__12.el5_4.1
openssl 0.9.8b__8.3.el5_0.2
openssl 0.9.8e__12.el5_4.6
openssl 1.0.0__4.el6_0.2
openssl 0.9.8e__12.el5_5.7
openssl 0.9.7a__43.17.el4_6.1
openssl 0.9.8e__12.el5
openssl 1.0.0__10.el6_1.5
openssl 0.9.7a__43.17.el4_7.2
openssl 1.0.0__10.el6
openssl 1.0.0__4.el6
openssl 0.9.7a__43.17.el4_8.6
openssl 1.0.0__4.el6_0.1
openssl 1.0.0__10.el6_1.4
openssl 0.9.8b__8.3.el5
openssl 0.9.7a__43.17.el4_8.5
openssl 0.9.8b__10.el5_2.1
openssl 0.9.8e__7.el5
openssl 0.9.8b__10.el5
openssl 0.9.8e__12.el5_4.1
openssl 0.9.8b__8.3.el5_0.2
openssl 0.9.8e__12.el5_4.6
openssl 1.0.0__4.el6_0.2
openssl 0.9.8e__12.el5_5.7
openssl 0.9.7a__43.17.el4_6.1
openssl 0.9.8e__12.el5
openssl 1.0.0__10.el6_1.5
openssl 0.9.7a__43.17.el4_7.2
openssl 1.0.0__10.el6
openssl 1.0.0__4.el6
openssl 0.9.7a__43.17.el4_8.6
openssl 1.0.0__4.el6_0.1
openssl 1.0.0__10.el6_1.4
openssl 0.9.8b__8.3.el5
openssl 0.9.7a__43.17.el4_8.5
openssl 0.9.8b__10.el5_2.1
openssl 0.9.8e__7.el5

Related