Description

The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.

Remediation

References

CVE-2011-4619

Related Vulnerabilities

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8146)

WordPress Plugin Advanced Custom Fields (ACF) Multiple Security Bypass Vulnerabilities (5.10.2)

Oracle Database Server Cryptographic Issues Vulnerability (CVE-2006-0270)

Magento Authorization Bypass Through User-Controlled Key Vulnerability (CVE-2019-7925)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-45038)

Severity

Medium

Classification

CVE-2011-4619

Tags

Missing Update Known Vulnerabilities