ID CVE-2016-8610
Summary A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.
References
Vulnerable Configurations
CVSS
Base: None
Impact:
Exploitability:
redhat via4
rpms
  • openssl-0:1.0.1e-48.el6_8.4
  • openssl-devel-0:1.0.1e-48.el6_8.4
  • openssl-perl-0:1.0.1e-48.el6_8.4
  • openssl-static-0:1.0.1e-48.el6_8.4
  • openssl-1:1.0.1e-60.el7_3.1
  • openssl-devel-1:1.0.1e-60.el7_3.1
  • openssl-libs-1:1.0.1e-60.el7_3.1
  • openssl-perl-1:1.0.1e-60.el7_3.1
  • openssl-static-1:1.0.1e-60.el7_3.1
  • gnutls-0:2.12.23-21.el6
  • gnutls-devel-0:2.12.23-21.el6
  • gnutls-guile-0:2.12.23-21.el6
  • gnutls-utils-0:2.12.23-21.el6
Last major update 13-11-2017 - 17:29
Published 13-11-2017 - 17:29
Last modified 14-11-2017 - 21:29
Back to Top