Description
Memory leak in the tls_decrypt_ticket function in t1_lib.c in OpenSSL before 0.9.8zc, 1.0.0 before 1.0.0o, and 1.0.1 before 1.0.1j allows remote attackers to cause a denial of service (memory consumption) via a crafted session ticket that triggers an integrity-check failure.
Remediation
References
Related Vulnerabilities
WordPress 2.3.2 Post Edit Unauthorized Access Vulnerability (0.7 - 2.3.2)
WordPress Plugin WP Mega Menu Unspecified Vulnerability (1.4.1)
PostgreSQL Other Vulnerability (CVE-2002-1402)
OpenSSL Numeric Errors Vulnerability (CVE-2009-0789)
WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2018-2628)