Gravità: : Medio
  Identificatori CVE: CVE-2009-1378
  Data notifica: 21 luglio 2015

  Descrizione

Multiple memory leaks in the dtls1_process_out_of_seq_message function in ssl/d1_both.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allow remote attackers to cause a denial of service (memory consumption) via DTLS records that (1) are duplicates or (2) have sequence numbers much greater than current sequence numbers, aka "DTLS fragment handling memory leak."

  Informazioni esposizione:

Apply associated Trend Micro DPI Rules.

  Soluzioni

  Trend Micro Deep Security DPI Rule Number: 1003515
  Trend Micro Deep Security DPI Rule Name: 1003515 - OpenSSL DTLS Remote Memory Exhaustion DoS

  Software e versione interessati:

  • openssl openssl 0.9.8a
  • openssl openssl 0.9.8b
  • openssl openssl 0.9.8c
  • openssl openssl 0.9.8d
  • openssl openssl 0.9.8e
  • openssl openssl 0.9.8f
  • openssl openssl 0.9.8g
  • openssl openssl 0.9.8h
  • openssl openssl 0.9.8i
  • openssl openssl 0.9.8j
  • openssl openssl 0.9.8k
  • openssl_project openssl 0.9.8c-1
  • openssl_project openssl 0.9.8c-2
  • openssl_project openssl 0.9.8c-3
  • openssl_project openssl 0.9.8c-4
  • openssl_project openssl 0.9.8c-5
  • openssl_project openssl 0.9.8c-6
  • openssl_project openssl 0.9.8c-8
  • openssl_project openssl 0.9.8c-9
  • openssl_project openssl 0.9.8d-1
  • openssl_project openssl 0.9.8d-2
  • openssl_project openssl 0.9.8d-3
  • openssl_project openssl 0.9.8d-4
  • openssl_project openssl 0.9.8d-5
  • openssl_project openssl 0.9.8d-6
  • openssl_project openssl 0.9.8d-7
  • openssl_project openssl 0.9.8d-8
  • openssl_project openssl 0.9.8d-9
  • openssl_project openssl 0.9.8e-1
  • openssl_project openssl 0.9.8e-2
  • openssl_project openssl 0.9.8e-3
  • openssl_project openssl 0.9.8e-4
  • openssl_project openssl 0.9.8e-5
  • openssl_project openssl 0.9.8e-6
  • openssl_project openssl 0.9.8e-7
  • openssl_project openssl 0.9.8e-8
  • openssl_project openssl 0.9.8e-9
  • openssl_project openssl 0.9.8f
  • openssl_project openssl 0.9.8f-1
  • openssl_project openssl 0.9.8f-2
  • openssl_project openssl 0.9.8f-3
  • openssl_project openssl 0.9.8f-4
  • openssl_project openssl 0.9.8f-5
  • openssl_project openssl 0.9.8f-6
  • openssl_project openssl 0.9.8f-7
  • openssl_project openssl 0.9.8f-8
  • openssl_project openssl 0.9.8f-9
  • openssl_project openssl 0.9.8g
  • openssl_project openssl 0.9.8g-1
  • openssl_project openssl 0.9.8g-2
  • openssl_project openssl 0.9.8g-3
  • openssl_project openssl 0.9.8g-4
  • openssl_project openssl 0.9.8g-5
  • openssl_project openssl 0.9.8g-6
  • openssl_project openssl 0.9.8g-7
  • openssl_project openssl 0.9.8g-8
  • openssl_project openssl 0.9.8g-9
  • openssl_project openssl 0.9.8c-7