CVE-2013-2125 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2013-2125

CWE

https://cwe.mitre.org/data/definitions/310.html

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.

Affected Software

Name	Vendor	Start Version	End Version
Opensmtpd	Openbsd	*	5.3.1 (including)

References

http://git.zx2c4.com/OpenSMTPD/commit/?id=38b26921bad5fe24ad747bf9d591330d683728b0
http://osvdb.org/93495
http://seclists.org/oss-sec/2013/q2/362
http://seclists.org/oss-sec/2013/q2/366
http://secunia.com/advisories/53353
https://exchange.xforce.ibmcloud.com/vulnerabilities/84388
http://git.zx2c4.com/OpenSMTPD/commit/?id=38b26921bad5fe24ad747bf9d591330d683728b0
http://osvdb.org/93495
http://seclists.org/oss-sec/2013/q2/362
http://seclists.org/oss-sec/2013/q2/366
http://secunia.com/advisories/53353
https://exchange.xforce.ibmcloud.com/vulnerabilities/84388