Security Bulletin: Multiple OpenSSL vulnerabilities
|
Información sobre el sistema
|
|
|
Software afectado |
IBM |
Descripción
|
DESCRIPTION (From cve.mitre.org) CVE-2013-4353: A carefully crafted invalid TLS handshake could crash OpenSSL with a NULL pointer exception. A malicious server could use this flaw to crash a connecting client. This issue only affected OpenSSL 1.0.1 versions. CVE-2013-6449: A flaw in OpenSSL can cause an application using OpenSSL to crash when using TLS version 1.2. This issue only affected OpenSSL 1.0.1 versions. OpenSSL is vulnerable to a denial of service, caused by an error in the
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/security_bulletin_multiple_openssl_vulnerabilities?lang=en_us |
Identificadores estándar
|
Propiedad |
Valor |
CVE |
CVE-2013-4353 ,CVE-2013-6449 ,CVE-2013-4548 ,CVE-2013-5780 ,CVE-2013-5372 ,CVE-2013-5803 ,CVE-2013-6304 ,CVE-2014-0411 ,CVE-2013-6440 and CVE-2013-6450. |