Description

OpenSSL 0.9.8f and 0.9.8g allows remote attackers to cause a denial of service (crash) via a TLS handshake that omits the Server Key Exchange message and uses "particular cipher suites," which triggers a NULL pointer dereference.

Remediation

References

CVE-2008-1672

Related Vulnerabilities

WordPress Plugin Feed Them Social-for Twitter feed, Youtube and more Cross-Site Request Forgery (2.8.6)

Oracle Database Server CVE-2011-0835 Vulnerability (CVE-2011-0835)

Drupal Core 7.x Multiple Vulnerabilities (7.0 - 7.17)

Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-11784)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.1.4)

Severity

Medium

Classification

CVE-2008-1672 CWE-476

Tags

Missing Update Known Vulnerabilities