CVE-2015-1794
06.12.2015, 20:59
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.Enginsight
| Vendor | Product | Version |
|---|---|---|
| openssl | openssl | 1.0.2 |
| openssl | openssl | 1.0.2a:a |
| openssl | openssl | 1.0.2b:b |
| openssl | openssl | 1.0.2c:c |
| openssl | openssl | 1.0.2d:d |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Common Weakness Enumeration