CVE-2011-3210

NONECVSS 0.0

0.0

The ephemeral ECDH ciphersuite functionality in OpenSSL 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e does not ensure thread safety during processing of handshake messages from clients, which allows remote attackers to cause a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol.

🔗 References (22)

secalert@redhathttp://cvs.openssl.org/chngview?cn=21337
secalert@redhathttp://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
secalert@redhathttp://marc.info/?l=bugtraq&m=132750648501816&w=2
secalert@redhathttp://marc.info/?l=bugtraq&m=133226187115472&w=2
secalert@redhathttp://openssl.org/news/secadv_20110906.txt
secalert@redhathttp://secunia.com/advisories/57353
secalert@redhathttp://support.apple.com/kb/HT5784
secalert@redhathttp://www-01.ibm.com/support/docview.wss?uid=ssg1S1004564
secalert@redhathttp://www.mandriva.com/security/advisories?name=MDVSA-2011:137
secalert@redhathttp://www.securitytracker.com/id?1026012
secalert@redhathttps://bugzilla.redhat.com/show_bug.cgi?id=736079
af854a3a-2127-422b-91ae-364da2661108http://cvs.openssl.org/chngview?cn=21337
af854a3a-2127-422b-91ae-364da2661108http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=132750648501816&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=133226187115472&w=2

Is Your Infrastructure Affected by CVE-2011-3210?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2011-3210

📅 Published

🔄 Last Modified

🔗 References (22)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2011-3210?