Back to search
CVE-2009-1387
Published: Jun 4, 2009
Modified: Aug 7, 2024
PUBLISHED
Description
The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c in OpenSSL before 1.0.0 Beta 2 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence DTLS handshake message, related to a "fragment bug."
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
38794
third-party-advisory
x_refsource_SECUNIA
[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates
mailing-list
x_refsource_MLIST
http://cvs.openssl.org/chngview?cn=17958
x_refsource_CONFIRM
35729
third-party-advisory
x_refsource_SECUNIA
GLSA-200912-01
vendor-advisory
x_refsource_GENTOO
[oss-security] 20090602 Re: Two OpenSSL DTLS remote DoS
mailing-list
x_refsource_MLIST
RHSA-2009:1335
vendor-advisory
x_refsource_REDHAT
HPSBMA02492
vendor-advisory
x_refsource_HP
37003
third-party-advisory
x_refsource_SECUNIA
36533
third-party-advisory
x_refsource_SECUNIA
USN-792-1
vendor-advisory
x_refsource_UBUNTU
http://rt.openssl.org/Ticket/Display.html?id=1838&user=guest&pass=guest
x_refsource_CONFIRM
oval:org.mitre.oval:def:7592
vdb-entry
signature
x_refsource_OVAL
http://voodoo-circle.sourceforge.net/sa/sa-20091012-01.html
x_refsource_CONFIRM
38834
third-party-advisory
x_refsource_SECUNIA
35685
third-party-advisory
x_refsource_SECUNIA
35571
third-party-advisory
x_refsource_SECUNIA
SUSE-SR:2009:012
vendor-advisory
x_refsource_SUSE
oval:org.mitre.oval:def:10740
vdb-entry
signature
x_refsource_OVAL
SSRT100079
vendor-advisory
x_refsource_HP
ADV-2010-0528
vdb-entry
x_refsource_VUPEN
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now