Description
ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.
Remediation
References
Related Vulnerabilities
Oracle Application Server Other Vulnerability (CVE-2004-1774)
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2010-3055)
Jenkins Missing Authorization Vulnerability (CVE-2019-10354)
MySQL CVE-2014-4233 Vulnerability (CVE-2014-4233)
WordPress Plugin Backup Migration Arbitrary File Download (1.3.6)