Description
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
Remediation
References
Related Vulnerabilities
WordPress Plugin White Label CMS Cross-Site Scripting (1.5.2)
Drupal Inclusion of Functionality from Untrusted Control Sphere Vulnerability (CVE-2017-6381)
Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1000399)
Jenkins Inadequate Encryption Strength Vulnerability (CVE-2017-2598)