CVE-2015-3216 in OpenSSLजानकारी

सारांश

द्वारा MITRE

Race condition in a certain Red Hat patch to the PRNG lock implementation in the ssleay_rand_bytes function in OpenSSL, as distributed in openssl-1.0.1e-25.el7 in Red Hat Enterprise Linux (RHEL) 7 and other products, allows remote attackers to cause a denial of service (application crash) by establishing many TLS sessions to a multithreaded server, leading to use of a negative value for a certain length field.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

आरक्षित करना

10/04/2015

प्रकटीकरण

07/07/2015

प्रविष्टि

VDB-75951

EPSS

0.04302

गतिविधियाँ

बहुत कम

क्षेत्र

Police, Insurance, ...

स्रोत

Do you know our Splunk app?

Download it now for free!