Vulnerabilities

CVE-2014-5139

by Fred · 13/08/2014

The ssl_set_client_disabled function in t1_lib.c in OpenSSL 1.0.1 before 1.0.1i allows remote SSL servers to cause a denial of service (NULL pointer dereference and client application crash) via a ServerHello message that includes an SRP ciphersuite without the required negotiation of that ciphersuite with the client.

Date published : 2014-08-13

http://www.securityfocus.com/bid/69077

http://aix.software.ibm.com/aix/efixes/security/openssl_advisory10.asc

Similar

Tags: Cybersecurity Alert