Summary
It was discovered that incorrect memory handling in OpenSSL's do_ssl3_write() function could result in denial of service.
The oldstable distribution (squeeze) is not affected.
Solution
For the stable distribution (wheezy), this problem has been fixed in version 1.0.1e-2+deb7u9.
For the testing distribution (jessie), this problem has been fixed in version 1.0.1g-4.
For the unstable distribution (sid), this problem has been fixed in version 1.0.1g-4.
We recommend that you upgrade your openssl packages.
Insight
This package contains the openssl binary and related tools.
Affected
openssl on Debian Linux
Detection
This check tests the installed software version using the apt package manager.
References
Updated on 2015-03-25
Severity
Classification
-
CVE CVE-2014-0198 -
CVSS Base Score: 4.3
AV:N/AC:M/Au:N/C:N/I:N/A:P
Related Vulnerabilities