11-16-2010, 04:30 PM
|
#1
|
LQ Guru
Registered: Jul 2003
Location: Los Angeles
Distribution: Ubuntu
Posts: 9,870
|
OpenSSL TLS Server Extension Parsing Race Condition Vulnerability
Quote:
A vulnerability has been reported in OpenSSL, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially compromise an application using the library.
The vulnerability is caused due to a race condition within the TLS extension parsing code, which can be exploited to cause a heap-based buffer overflow.
|
Secunia Advisory
|
|
|