Lumension® Endpoint Intelligence Center

Intelligence Center » News Archive » OpenSSL's undisclosed high-severity issue is far from FREAK, POODLE, or Heartbleed

OpenSSL's undisclosed high-severity issue is far from FREAK, POODLE, or Heartbleed

2015/03/19

Softpedia - (International) OpenSSL released an update for its cryptographic library addressing one high severity denial-of-service (DoS) vulnerability affecting version 1.0.2 that could allow a NULL pointer dereference to occur. The update also addressed a number of other moderate vulnerabilities affecting several OpenSSL versions including segmentation faults and an issue with processing Base64 encoded data.

Source: http://news.softpedia.com/news/OpenSSL-s-Undisclosed-High-Severity-Issue-Is-Far-from-FREAK-POODLE-or-Heartbleed-476254.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:47