Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 prior to 1.0.1j allows remote malicious users to cause a denial of service (memory consumption) via a crafted handshake message.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl 1.0.1 |
||
openssl openssl 1.0.1h |
||
openssl openssl 1.0.1c |
||
openssl openssl 1.0.1g |
||
openssl openssl 1.0.1a |
||
openssl openssl 1.0.1d |
||
openssl openssl 1.0.1b |
||
openssl openssl 1.0.1e |
||
openssl openssl 1.0.1f |
||
openssl openssl 1.0.1i |
Four new patches for open-source crypto libraries
Poodle If you're using the popular OpenSSL open source cryptography library, you have more to worry about than the recently disclosed POODLE (Padding Oracle On Downgraded Legacy Encryption) vulnerability, project devs have warned. In addition to patching two POODLE-related bugs, new releases of OpenSSL issued on Wednesday also close a pair of memory leaks that can allow attackers to launch denial-of-service attacks against OpenSSL-enabled servers. The most serious of these is a bug in OpenSSL's ...