Description
The dtls1_get_message_fragment function in d1_both.c in OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h allows remote attackers to cause a denial of service (recursion and client crash) via a DTLS hello message in an invalid DTLS handshake.
Remediation
References
Related Vulnerabilities
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-5265)
WordPress Plugin Controlled Admin Access Security Bypass (1.5.5)
Atlassian Jira Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2928)
WordPress Plugin Timetable and Event Schedule by MotoPress Unspecified Vulnerability (2.4.3)