CVE-2014-3513CVE-2014-3513

Affected configuration(s):

cpe:/a:openssl:openssl:1.0.1
cpe:/a:openssl:openssl:1.0.1:beta1
cpe:/a:openssl:openssl:1.0.1:beta2
cpe:/a:openssl:openssl:1.0.1:beta3
cpe:/a:openssl:openssl:1.0.1a
cpe:/a:openssl:openssl:1.0.1b
cpe:/a:openssl:openssl:1.0.1c
cpe:/a:openssl:openssl:1.0.1d
cpe:/a:openssl:openssl:1.0.1e
cpe:/a:openssl:openssl:1.0.1f
cpe:/a:openssl:openssl:1.0.1g
cpe:/a:openssl:openssl:1.0.1h
cpe:/a:openssl:openssl:1.0.1i

Date published: 2014-10-18T21:55:13.887-04:00

Date last modified: 2017-01-02T21:59:03.937-05:00

CVSS Score: 7.1

Principal attack vector: NETWORK

Complexity:  MEDIUM

Reference URL: ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2014-015.txt.asc

Summary: Memory leak in d1_srtp.c in the DTLS SRTP extension in OpenSSL 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted handshake message.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.