CVE-2013-6450

by Fred · 01/01/2014

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.

Date published : 2014-01-01

http://www.securityfocus.com/bid/64618

http://www.securityfocus.com/archive/1/534161/100/0/threaded

CVE-2013-6450

Related

Recent Posts

Categories

Latest CWE

CVE-2013-6450

Share this:

Related

Recent Posts

Categories

Tags

Latest CWE