Intrusion Prevention

OpenSSL.Handshake.DoS

Description

This indicates a possible attempt to exploit a vulnerability in the OpenSSL library.
The vulnerability is caused by a NULL pointer dereference in the function do_change_cipher_spec defined in ssl/s3_pkt.c. It allows remote attackers to crash the server via a crafted SSL/TLS handshake.

Affected Products

OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c

Impact

Denial of service.

Recommended Actions

Upgrade to OpenSSL 0.9.7d or 0.9.6m. Recompile any OpenSSL applications that are statically linked to OpenSSL libraries.
ftp://ftp.openssl.org/source/

CVE References

CVE-2004-0079