Vulnerabilities

CVE-2017-3733

by Fred · 04/05/2017

During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.

Date published : 2017-05-04

http://www.securityfocus.com/bid/96269

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Similar

Tags: Cybersecurity Alert