The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL prior to 1.0.0 Beta 2 allows remote malicious users to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl |
||
redhat openssl 0.9.6-15 |
||
redhat openssl 0.9.6b-3 |
||
redhat openssl 0.9.7a-2 |
||
canonical ubuntu linux 9.04 |
||
canonical ubuntu linux 8.10 |
||
canonical ubuntu linux 8.04 |
||
canonical ubuntu linux 6.06 |