๐ OpenSSL 1.0.0 up to 1.0.1e TLS Cipher ssl/s3_lib.c ssl_get_algorithm2 cryptographic issues
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability was found in OpenSSL (Network Encryption Software). It has been rated as problematic. Affected by this issue is the function ssl_get_algorithm2
of the file ssl/s3_lib.c of the component TLS Cipher Handler. Upgrading eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at git.openssl.org. The best possible mitigation is suggested to be upgrading to the latest version. A possible mitigation has been published 5 days after the disclosure of the vulnerability. Furthermore it is possible to detect and prevent this kind of attack with TippingPoint and the filter 13939. ...