Advisory ID

12761

Release date

20160926

Last Updated

20160926

Issue Severity

None

Source

Source

openssl.org

Release date

20160922

CVSS v2 Base Score

Low

Problem Description

If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a DoS attack where a malformed ticket will result in an OOB read which will ultimately crash.

Impact

None.

Affected Products

None - no Foxt product supports SHA-512 session tickets.

Workaround

N/A.

Obtaining Fixed Software

N/A.

External References

OpenSSL Security Advisory.










Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: May 25, 2018