Novell Home

CVE-2013-6450

Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2013-6450 at MITRE

Description

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.

NVD CVSS v2 Base Score: 5.8 (AV:N/AC:M/Au:N/C:N/I:P/A:P)

Novell/SUSE information

Novell Bugzilla entries: 857203, 861384

SUSE Security Advisories:

© 2014 Novell