Vulnerability & Exploit Database

Back to search

OpenSSL DoS via reachable assert in SSLv2 servers (CVE-2015-0293)

Severity CVSS Published Added Modified
5 (AV:N/AC:L/Au:N/C:N/I:N/A:P) March 19, 2015 March 20, 2015 January 04, 2017

Description

The SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a allows remote attackers to cause a denial of service (s2_lib.c assertion failure and daemon exit) via a crafted CLIENT-MASTER-KEY message.

Scan For This Vulnerability

Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities

 Free InsightVM Trial

References

Solution

http-openssl-0_9_8-upgrade-0_9_8_z_f

Related Vulnerabilities