Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenSSL 安全漏洞
Vulnerability Description
OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层(SSL v2/v3)和安全传输层(TLS v1)协议的通用加密库,它支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 OpenSSL 0.9.8y及之前的版本和1.x至1.0.1e版本中的DTLS重新传输过程中存在安全漏洞,该漏洞源于程序没有正确维护数据结构。攻击者可利用该漏洞实施中间人攻击,触发使用不同的数据。
CVSS Information
N/A
Vulnerability Type
N/A