FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

OpenSSL -- DTLS and TLS 1.1, 1.2 denial of service

Affected packages
openssl < 1.0.1_2

Details

VuXML ID dba5d1c9-9f29-11e1-b511-003067c2616f
Discovery 2012-05-10
Entry 2012-05-10

OpenSSL security team reports:

A flaw in the OpenSSL handling of CBC mode ciphersuites in TLS 1.1, 1.2 and DTLS can be exploited in a denial of service attack on both clients and servers.

References

CVE Name CVE-2012-2333
URL http://www.openssl.org/news/secadv_20120510.txt