CVE-2016-2179 in Business Intelligence Enterprise Editioninfo

Zusammenfassung (Englisch)

The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Reservieren

29.01.2016

Veröffentlichung

16.09.2016

Status

Bestätigt

Einträge

VulDB provides additional information and datapoints for this CVE:

ID	Schwachstelle	CWE	Aus	Mas	CVE
112027	Oracle Business Intelligence Enterprise Edition Analytics Server Denial of Service	399	Proof-of-Concept	Offizieller Fix	CVE-2016-2179
91906	OpenSSL DTLS Buffer Denial of Service	404	Nicht definiert	Offizieller Fix	CVE-2016-2179
90940	OpenSSL DTLS Fragment Memory Denial of Service	399	Nicht definiert	Offizieller Fix	CVE-2016-2179

Beschreibung

CPE

CWE

CVSS

Exploits

History

Diff

Verknüpfen

Threat Intelligence

API JSON

API XML

API CSV

Quellen

◂ ZurückÜbersichtWeiter ▸

Might our Artificial Intelligence support you?

Check our Alexa App!