CVE-2013-6449
EPSS 47.0%openssl - several
發布日:2013/12/23修改日:2026/4/28
也稱為:DEBIAN-CVE-2013-6449
描述
The ssl_get_algorithm2 function in ssl/s3_lib.c in OpenSSL before 1.0.2 obtains a certain version number from an incorrect data structure, which allows remote attackers to cause a denial of service (daemon crash) via crafted traffic from a TLS 1.2 client.
受影響套件(2)
- Debian/opensslfrom 0, < 1.0.1e-5
- Debian/opensslfrom 0, < 1.0.1e-2+deb7u1