Intrusion Prevention



This indicates an attack attempt to exploit a Denial of Service vulnerability in OpenSSL.
The vulnerability is due to an error in the application when it handles maliciously crafted SSL/TLS messages. A remote attacker can exploit this to cause memory leakage and finally denial of service conditions.

Affected Products

OpenSSL prior to 1.0.1j
OpenSSL prior to 1.0.0o
OpenSSL prior to 0.9.8zc


Denial of Service: Remote attackers can crash vulnerable systems

Recommended Actions

Apply the most recent upgrade or patch from the vendor.

CVE References