The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."
References
Configurations
History
No history.
Information
Published : 2009-05-19 19:30
Updated : 2024-02-07 18:01
NVD link : CVE-2009-1377
Mitre link : CVE-2009-1377
CVE.ORG link : CVE-2009-1377
JSON object : View
Products Affected
openssl
- openssl
CWE
CWE-119
Improper Restriction of Operations within the Bounds of a Memory Buffer