redpig.dataspill.org » SA-2006-0005 NULL pointer dereference in openssl

The get_server_hello function in the SSLv2 client code in OpenSSL 0.9.7 before 0.9.7l, 0.9.8 before 0.9.8d, and earlier versions allows remote servers to cause a denial of service (client crash) via unknown vectors that trigger a null pointer dereference.

Temporarily just giving the CVE summary: CVE-2006-4343

2006-08-24
tags: findings - openssl

this page does not necessarily reflect the views of my employer or anyone i'm associated with.
redpig@dataspill.org