Description

ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.

Remediation

References

CVE-2009-1386

Related Vulnerabilities

WordPress Plugin Dynamic Widgets 'id' Parameter Cross-Site Scripting (1.5.1)

PHP Other Vulnerability (CVE-2004-1065)

WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery Cross-Site Scripting (1.5.68)

Contao Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2023-29200)

WordPress Plugin WP OAuth Server (OAuth Authentication) Cross-Site Scripting (4.2.1)

Severity

Medium

Classification

CVE-2009-1386 CWE-476

Tags

Missing Update Known Vulnerabilities