The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f up to and including 0.9.8m allows remote malicious users to cause a denial of service (crash) via a malformed record in a TLS connection that triggers a NULL pointer dereference, related to the minor version number. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl 0.9.8m |
||
openssl openssl 0.9.8g |
||
openssl openssl 0.9.8k |
||
openssl openssl 0.9.8j |
||
openssl openssl 0.9.8l |
||
openssl openssl 0.9.8i |
||
openssl openssl 0.9.8f |
||
openssl openssl 0.9.8h |