The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2011-09-22T10:00:00
Updated: 2014-03-18T11:57:00
Reserved: 2011-08-19T00:00:00
Link: CVE-2011-3210
JSON object: View
NVD Information
Status : Modified
Published: 2011-09-22T10:55:03.523
Modified: 2014-03-26T04:22:06.027
Link: CVE-2011-3210
JSON object: View
Redhat Information
No data.
CWE