![]() (CVE-2014-3506)Ī memory leak error exists in ‘d1_both.c’ related to handling specially crafted DTLS packets that allows denial of service attacks. (CVE-2014-3505)Īn unspecified error exists in ‘d1_both.c’ related to handling DTLS handshake messages that allows denial of service attacks due to large amounts of memory being consumed. Note that this issue only affects OpenSSL TLS clients.Ī memory double-free error exists in ‘d1_both.c’ related to handling DTLS packets that allows denial of service attacks. ![]() (CVE-2014-0224)Īn unspecified error exists related to anonymous ECDH cipher suites that can allow denial of service attacks. ![]() Note that this issue only affects OpenSSL when used as a DTLS client.Īn unspecified error exists in how ChangeCipherSpec messages are processed that can allow an attacker to cause usage of weak keying material, leading to simplified man-in-the-middle attacks. (CVE-2014-0198)Īn error exists related to DTLS handshake handling that can lead to denial of service attacks. Note that this issue is exploitable only if ‘SSL_MODE_RELEASE_BUFFERS’ is enabled. Note that this issue only affects OpenSSL when used as a DTLS client or server.Īn error exists in the function ‘do_ssl3_write’ that can allow a NULL pointer to be dereferenced leading to denial of service attacks. ![]() (CVE-2010-5298)Ī buffer overflow error exists related to invalid DTLS fragment handling that can lead to the execution of arbitrary code. ![]() It is, therefore, affected by the following vulnerabilities :Īn error exists in the function ‘ssl3_read_bytes’ that can allow data to be injected into other sessions or allow denial of service attacks. According to its self-reported version number, the Apache Tomcat service listening on the remote host is 6.0.x prior to 6.0.43. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |