Description
d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
Remediation
References
Related Vulnerabilities
MediaWiki Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2021-36125)
MediaWiki Other Vulnerability (CVE-2006-2895)
phpBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-6506)
WordPress Plugin WP OAuth Server (OAuth Authentication) Security Bypass (3.1.4)