CVE-2009-1386

EPSS 47.6%
Published: 6/4/2009Modified: 4/28/2026
Also known as:DEBIAN-CVE-2009-1386

Description

ssl/s3_pkt.c in OpenSSL before 0.9.8i allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a DTLS ChangeCipherSpec packet that occurs before ClientHello.

Affected packages (1)

References (1)