diff options
author | Dr. Stephen Henson <steve@openssl.org> | 2014-07-25 00:50:06 +0100 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2014-08-06 20:36:41 +0100 |
commit | 80bd7b41b30af6ee96f519e629463583318de3b0 (patch) | |
tree | 827671d277fa089328058964009069671ead5157 /crypto/md5 | |
parent | fb0bc2b273bcc2d5401dd883fe869af4fc74bb21 (diff) |
Fix SRP ciphersuite DoS vulnerability.
If a client attempted to use an SRP ciphersuite and it had not been
set up correctly it would crash with a null pointer read. A malicious
server could exploit this in a DoS attack.
Thanks to Joonas Kuorilehto and Riku Hietamäki from Codenomicon
for reporting this issue.
CVE-2014-2970
Reviewed-by: Tim Hudson <tjh@openssl.org>
Diffstat (limited to 'crypto/md5')
0 files changed, 0 insertions, 0 deletions