OpenSSL Security Update Patches Denial of Service Vulnerability

Reading Time: 1 minute

OpenSSL has released updates patching eight vulnerabilities, one of which may allow an attacker to cause a Denial of Service condition.

The OpenSSL security update addresses a vulnerability where sending an invalid DTLS handshake to an OpenSSL DTLS client the code can be made to recurse eventually crashing in a DoS attack.

OpenSSL is an open-source implementation of the SSL and TLS protocols that are used to create secure, encrypted communication between clients and servers. As of 2014, two thirds of all webservers use OpenSSL.

In the past year, OpenSSL has come under closer scrutiny because of several high profile vulnerabilities, including the so called Heartbeat and Poodle bugs which hackers could be exploit to intercept and read messages.

Updates Available

The following updates are available:
OpenSSL 1.0.1k for 1.0.1 users
OpenSSL 1.0.0p for 1.0.0 users
OpenSSL 0.9.8zd for 0.9.8 users

Related Resources

Wikipedia Down by DDoS Attack

Service Desk

Remote Desktop Connection Manager

Software Hardware Inventory Open Source

START FREE TRIAL GET YOUR INSTANT SECURITY SCORECARD FOR FREE

• SEO Powered Content & PR Distribution. Get Amplified Today.
• EVM Finance. Unified Interface for Decentralized Finance. Access Here.
• Quantum Media Group. IR/PR Amplified. Access Here.
• PlatoAiStream. Web3 Data Intelligence. Knowledge Amplified. Access Here.
• Source: https://blog.comodo.com/it-security/openssl-security-update-patches-denial-service-vulnerability/