Description
The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2009-4301)
Apache Tomcat Cryptographic Issues Vulnerability (CVE-2011-5064)
PHP Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2010-2531)
WordPress Plugin GA Google Analytics Cross-Site Scripting (20210211)