Bugzilla – Bug 1254
Denial of Service vulnerabilities in OpenSSL
Last modified: 2008-08-11 13:54:18
You need to
before you can comment on or make changes to this bug.
The OpenSSL project has recently published a report detailing several problems
with the OpenSSL ASN.1 handling:
These problems can be exploited for denial of service attacks against
servers/services using the older openssl source release. To the best of our
knowledge there bugs can not be used to gain unauthorized access to systems
running the problematic code.
Update packages are now available.