d1_both.c in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote attackers to cause a denial of service (memory consumption) via crafted DTLS handshake messages that trigger memory allocations corresponding to large length values.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Openssl | Openssl | 0.9.8 (including) | 0.9.8 (including) |
| Openssl | Openssl | 0.9.8a (including) | 0.9.8a (including) |
| Openssl | Openssl | 0.9.8b (including) | 0.9.8b (including) |
| Openssl | Openssl | 0.9.8c (including) | 0.9.8c (including) |
| Openssl | Openssl | 0.9.8d (including) | 0.9.8d (including) |
| Openssl | Openssl | 0.9.8e (including) | 0.9.8e (including) |
| Openssl | Openssl | 0.9.8f (including) | 0.9.8f (including) |
| Openssl | Openssl | 0.9.8g (including) | 0.9.8g (including) |
| Openssl | Openssl | 0.9.8h (including) | 0.9.8h (including) |
| Openssl | Openssl | 0.9.8i (including) | 0.9.8i (including) |
| Openssl | Openssl | 0.9.8j (including) | 0.9.8j (including) |
| Openssl | Openssl | 0.9.8k (including) | 0.9.8k (including) |
| Openssl | Openssl | 0.9.8l (including) | 0.9.8l (including) |
| Openssl | Openssl | 0.9.8m (including) | 0.9.8m (including) |
| Openssl | Openssl | 0.9.8m-beta1 (including) | 0.9.8m-beta1 (including) |
| Openssl | Openssl | 0.9.8n (including) | 0.9.8n (including) |
| Openssl | Openssl | 0.9.8o (including) | 0.9.8o (including) |
| Openssl | Openssl | 0.9.8p (including) | 0.9.8p (including) |
| Openssl | Openssl | 0.9.8q (including) | 0.9.8q (including) |
| Openssl | Openssl | 0.9.8r (including) | 0.9.8r (including) |
| Openssl | Openssl | 0.9.8s (including) | 0.9.8s (including) |
| Openssl | Openssl | 0.9.8t (including) | 0.9.8t (including) |
| Openssl | Openssl | 0.9.8u (including) | 0.9.8u (including) |
| Openssl | Openssl | 0.9.8v (including) | 0.9.8v (including) |
| Openssl | Openssl | 0.9.8w (including) | 0.9.8w (including) |
| Openssl | Openssl | 0.9.8x (including) | 0.9.8x (including) |
| Openssl | Openssl | 0.9.8y (including) | 0.9.8y (including) |
| Openssl | Openssl | 0.9.8za (including) | 0.9.8za (including) |
| Openssl | Openssl | 1.0.0 (including) | 1.0.0 (including) |
| Openssl | Openssl | 1.0.0-beta1 (including) | 1.0.0-beta1 (including) |
| Openssl | Openssl | 1.0.0-beta2 (including) | 1.0.0-beta2 (including) |
| Openssl | Openssl | 1.0.0-beta3 (including) | 1.0.0-beta3 (including) |
| Openssl | Openssl | 1.0.0-beta4 (including) | 1.0.0-beta4 (including) |
| Openssl | Openssl | 1.0.0-beta5 (including) | 1.0.0-beta5 (including) |
| Openssl | Openssl | 1.0.0a (including) | 1.0.0a (including) |
| Openssl | Openssl | 1.0.0b (including) | 1.0.0b (including) |
| Openssl | Openssl | 1.0.0c (including) | 1.0.0c (including) |
| Openssl | Openssl | 1.0.0d (including) | 1.0.0d (including) |
| Openssl | Openssl | 1.0.0e (including) | 1.0.0e (including) |
| Openssl | Openssl | 1.0.0f (including) | 1.0.0f (including) |
| Openssl | Openssl | 1.0.0g (including) | 1.0.0g (including) |
| Openssl | Openssl | 1.0.0h (including) | 1.0.0h (including) |
| Openssl | Openssl | 1.0.0i (including) | 1.0.0i (including) |
| Openssl | Openssl | 1.0.0j (including) | 1.0.0j (including) |
| Openssl | Openssl | 1.0.0k (including) | 1.0.0k (including) |
| Openssl | Openssl | 1.0.0l (including) | 1.0.0l (including) |
| Openssl | Openssl | 1.0.0m (including) | 1.0.0m (including) |
| Openssl | Openssl | 1.0.1 (including) | 1.0.1 (including) |
| Openssl | Openssl | 1.0.1-beta1 (including) | 1.0.1-beta1 (including) |
| Openssl | Openssl | 1.0.1-beta2 (including) | 1.0.1-beta2 (including) |
| Openssl | Openssl | 1.0.1-beta3 (including) | 1.0.1-beta3 (including) |
| Openssl | Openssl | 1.0.1a (including) | 1.0.1a (including) |
| Openssl | Openssl | 1.0.1b (including) | 1.0.1b (including) |
| Openssl | Openssl | 1.0.1c (including) | 1.0.1c (including) |
| Openssl | Openssl | 1.0.1d (including) | 1.0.1d (including) |
| Openssl | Openssl | 1.0.1e (including) | 1.0.1e (including) |
| Openssl | Openssl | 1.0.1f (including) | 1.0.1f (including) |
| Openssl | Openssl | 1.0.1g (including) | 1.0.1g (including) |
| Openssl | Openssl | 1.0.1h (including) | 1.0.1h (including) |
| Red Hat Enterprise Linux 5 | RedHat | openssl-0:0.9.8e-27.el5_10.4 | * |
| Red Hat Enterprise Linux 6 | RedHat | openssl-0:1.0.1e-16.el6_5.15 | * |
| Red Hat Enterprise Linux 7 | RedHat | openssl-1:1.0.1e-34.el7_0.4 | * |
| Red Hat JBoss Enterprise Application Platform 6.3 | RedHat | openssl | * |
| Red Hat JBoss Web Server 2.1 | RedHat | openssl | * |
| Red Hat Storage 2.1 | RedHat | openssl-0:1.0.1e-16.el6_5.15 | * |
| Openssl | Ubuntu | artful | * |
| Openssl | Ubuntu | bionic | * |
| Openssl | Ubuntu | cosmic | * |
| Openssl | Ubuntu | devel | * |
| Openssl | Ubuntu | disco | * |
| Openssl | Ubuntu | lucid | * |
| Openssl | Ubuntu | precise | * |
| Openssl | Ubuntu | trusty | * |
| Openssl | Ubuntu | upstream | * |
| Openssl | Ubuntu | utopic | * |
| Openssl | Ubuntu | vivid | * |
| Openssl | Ubuntu | vivid/stable-phone-overlay | * |
| Openssl | Ubuntu | vivid/ubuntu-core | * |
| Openssl | Ubuntu | wily | * |
| Openssl | Ubuntu | xenial | * |
| Openssl | Ubuntu | yakkety | * |
| Openssl | Ubuntu | zesty | * |
| Openssl098 | Ubuntu | precise | * |
| Openssl098 | Ubuntu | trusty | * |
| Openssl098 | Ubuntu | upstream | * |
| Openssl098 | Ubuntu | utopic | * |
| Openssl098 | Ubuntu | vivid | * |