Description
OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.
Remediation
References
Related Vulnerabilities
Microsoft SQL Server CVE-2023-23384 Vulnerability (CVE-2023-23384)
WebLogic Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-10152)
WordPress Plugin Auto Affiliate Links Multiple SQL Injection Vulnerabilities (4.9.9.4)