Denial of Service (DoS) Vulnerability in OpenSSL’s ssl/t1_lib.c (tls_decrypt_ticket) (CVE-2016-6302)
DoS Vulnerability in the tls_decrypt_ticket function in OpenSSL's ssl/t1_lib.c (CVE-2016-6302)
Summary
This issue is being investigated by Buffalo Engineering.
Vulnerability ID | Vulnerability Overview |
---|---|
CVE-2016-6302 | The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. |
Affected Supported TeraStations
Pending
Date | Description |
3/10/2022 | Initial release |