Uploaded image for project: 'JBoss Core Services'
  1. JBoss Core Services
  2. JBCS-43

CVE-2015-0293 openssl: assertion failure in SSLv2 servers [jbews-3.0.0]

XMLWordPrintable

      A malicious client can trigger an OPENSSL_assert (i.e., an abort) in
      servers that both support SSLv2 and enable export cipher suites by sending
      a specially crafted SSLv2 CLIENT-MASTER-KEY message.

            rhn-engineering-jclere Jean-Frederic Clere
            rhn-support-twalsh Tim Walsh
            Michal Karm Michal Karm
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

              Created:
              Updated:
              Resolved: