The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 prior to 1.1.0a allows remote malicious users to cause a denial of service (infinite loop) by triggering a zero-length record in an SSL_peek call.
Vulnerable Product |
---|
openssl openssl 1.1.0 |
Denial of service dross dead.
A dozen flaws have been patched in OpenSSL, including one high severity hole that allows denial of service attacks. The OpenSSL Project pushed patches in versions 1.1.0a, 1.0.2i and 1.0.1u, with most of the flaws flagged as low severity risks. The nastiest vulnerability (CVE-2016-6304) results when attackers issue a massive OCSP status request extension which exhausts memory on servers in default configuration. Researcher Shi Lei of vulnerability blitzkrieg house Qihoo 360 spotted that one. Admi...