Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
OpenSSL DTLS Packets Multiple DOS Vulnerabilities (win)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
This host is running OpenSSL and is prone to Multiple Denial of Service Vulnerabilities
Insight
Insight
Multiple flaws are due to, - The library does not limit the number of buffered DTLS records with a future epoch. - An error when processing DTLS messages can be exploited to exhaust all available memory by sending a large number of out of sequence handshake messages. - A use-after-free error in the 'dtls1_retrieve_buffered_fragment()' function can be exploited to cause a crash in a client context.
Affected Software
Affected Software
OpenSSL version 0.9.8 to version 0.9.8k on Windows. OpenSSL version 1.0.0 Beta2 and prior on Windows.
Solution
Solution
Apply patches or upgrade to the latest version.