QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2009-1379

Back to search

CVE-2009-1379

Published: May 19, 2009

Modified: Aug 7, 2024

PUBLISHED

Description

Use-after-free vulnerability in the dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL 1.0.0 Beta 2 allows remote attackers to cause a denial of service (openssl s_client crash) and possibly have unspecified other impact via a DTLS packet, as demonstrated by a packet from a server that uses a crafted server certificate.

VendorProductVersions

n/a

n/a

affected
n/a

References

42724
third-party-advisory
x_refsource_SECUNIA
SSA:2010-060-02
vendor-advisory
x_refsource_SLACKWARE
38794
third-party-advisory
x_refsource_SECUNIA
ADV-2009-1377
vdb-entry
x_refsource_VUPEN
35729
third-party-advisory
x_refsource_SECUNIA
GLSA-200912-01
vendor-advisory
x_refsource_GENTOO
RHSA-2009:1335
vendor-advisory
x_refsource_REDHAT
HPSBMA02492
vendor-advisory
x_refsource_HP
38761
third-party-advisory
x_refsource_SECUNIA
37003
third-party-advisory
x_refsource_SECUNIA
36533
third-party-advisory
x_refsource_SECUNIA
1022241
vdb-entry
x_refsource_SECTRACK
USN-792-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SR:2009:011
vendor-advisory
x_refsource_SUSE
oval:org.mitre.oval:def:9744
vdb-entry
signature
x_refsource_OVAL
35138
vdb-entry
x_refsource_BID
38834
third-party-advisory
x_refsource_SECUNIA
35461
third-party-advisory
x_refsource_SECUNIA
35571
third-party-advisory
x_refsource_SECUNIA
oval:org.mitre.oval:def:6848
vdb-entry
signature
x_refsource_OVAL
35416
third-party-advisory
x_refsource_SECUNIA
SSRT100079
vendor-advisory
x_refsource_HP
42733
third-party-advisory
x_refsource_SECUNIA
ADV-2010-0528
vdb-entry
x_refsource_VUPEN

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now