OpenSSL 0.9.8f and 0.9.8g allows remote malicious users to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl 0.9.8f |
||
openssl openssl 0.9.8g |
||
canonical ubuntu linux 8.04 |