Description

Memory leak in the dtls1_buffer_record function in d1_pkt.c in OpenSSL 1.0.0 before 1.0.0p and 1.0.1 before 1.0.1k allows remote attackers to cause a denial of service (memory consumption) by sending many duplicate records for the next epoch, leading to failure of replay detection.

Remediation

References

CVE-2015-0206

Related Vulnerabilities

MySQL CVE-2018-2786 Vulnerability (CVE-2018-2786)

MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2019-16738)

Drupal Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-9449)

WordPress Plugin Table Maker Multiple Vulnerabilities (1.7)

Drupal Other Vulnerability (CVE-2006-2260)

Severity

Medium

Classification

CVE-2015-0206 CWE-119

Tags

Missing Update Known Vulnerabilities