Bug 1254

Summary: Denial of Service vulnerabilities in OpenSSL
Product: GSI C Reporter: Sam Meder <meder@mcs.anl.gov>
Component: Credentials and ProxiesAssignee: Sam Meder <meder@mcs.anl.gov>
Status: RESOLVED FIXED    
Severity: normal CC: slang@mcs.anl.gov, vwelch@uiuc.edu
Priority: P2    
Version: unspecified   
Target Milestone: ---   
Hardware: PC   
OS: Linux   

Description From 2003-10-02 00:04:11 
The OpenSSL project has recently published a report detailing several problems
with the OpenSSL ASN.1 handling:

http://www.openssl.org/news/secadv_20030930.txt

These problems can be exploited for denial of service attacks against
servers/services using the older openssl source release. To the best of our
knowledge there bugs can not be used to gain unauthorized access to systems
running the problematic code.
------- Comment #1 From 2003-10-02 00:16:46 ------- 
Update packages are now available.