Advisory ID

12761

Release date

20160926

Last Updated

20160926

Issue Severity

None

 

Source

Source

openssl.org

Release date

20160922

CVSS v2 Base Score

Low

Problem Description

If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.

 

Impact

None.

 

Affected Products

None - no Foxt product supports SHA-512 session tickets.

Workaround

N/A.

 

Obtaining Fixed Software

 

N/A.

External References

OpenSSL Security Advisory.










Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: April 16, 2019