Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service (memory consumption) via crafted DTLS messages.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
OpenSSL 安全漏洞
Vulnerability Description
OpenSSL是OpenSSL团队开发的一个开源的能够实现安全套接层(SSL v2/v3)和安全传输层(TLS v1)协议的通用加密库,它支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 OpenSSL 1.1.0a之前的1.1.0版本中的DTLS实现过程中的statem/statem_dtls.c文件存在安全漏洞,该漏洞源于程序在检查超标的长度前错误的分配内存。远程攻击者可借助特制的DTLS信息利用该漏洞造成拒绝服务(内存损坏)。
CVSS Information
N/A
Vulnerability Type
N/A