Description
The sigalgs implementation in t1_lib.c in OpenSSL 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) by using an invalid signature_algorithms extension in the ClientHello message during a renegotiation.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced Text Widget 'page' Parameter Cross-Site Scripting (2.0.0)
WordPress Plugin jRSS Widget 'url' Parameter Directory Traversal (1.1.1)
Magento Improper Access Control Vulnerability (CVE-2021-36036)
WordPress Plugin Internal Links Manager Multiple Cross-Site Scripting Vulnerabilities (2.1.0)
MediaWiki Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2010-1648)