SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  OpenSSL Session Ticket DoS 1

Category: WEB-TLS      

OpenSSL contains a flaw in the SSL, TLS, and DTLS servers that is triggered when handling a session ticket that has failed to have its integrity properly verified, which can result in a memory leak. With a large number of invalid session tickets, a remote attacker can cause a denial of service.

References
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3567


Relevant Information