Description

OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.

Remediation

References

CVE-2004-0081

Related Vulnerabilities

WordPress Plugin White Label CMS Cross-Site Scripting (1.5.2)

Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381)

WordPress Plugin Tutor LMS-eLearning and online course solution Multiple Cross-Site Scripting Vulnerabilities (1.9.8)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000399)

Jenkins Inadequate Encryption Strength Vulnerability (CVE-2017-2598)

Severity

Medium

Classification

CVE-2004-0081

Tags

Missing Update Known Vulnerabilities