ssl/s3_pkt.c in OpenSSL prior to 0.9.8i allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl |
||
redhat openssl 0.9.6-15 |
||
redhat openssl 0.9.6b-3 |
||
redhat openssl 0.9.7a-2 |
||
canonical ubuntu linux 9.04 |
||
canonical ubuntu linux 8.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |