Vulnerabilities

CVE-2009-1379

by Fred · 19/05/2009

Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.

Date published : 2009-05-19

http://www.securityfocus.com/bid/35138

http://rt.openssl.org/Ticket/Display.html?id=1923&user=guest&pass=guest

Similar

Tags: Cybersecurity Alert