OpenSSL DoS related to s3clntc and s3srvrc

May 04, 2023

OpenSSL may allow remote attackers to perform a Denial of Service (DoS) attack related to s3_clnt.c and s3_srvr.c

Summary

Supported systems are not running one of these versions of OpenSSL. Several scanners have reported this as a false positive. This vulnerability is included for use in addressing those reports.

Open SSL Versons of Supported Units:

TS71210	1.1.1f
TS6000	1.0.2o
TS5020/TS3020	1.0.2o
TS5010/TS3010	1.0.2o

Vulnerability ID	Vulnerability Overview
CVE-2016-6306	The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

Affected Supported TeraStations

None

Back to Security Notices

Date	Description
5/4/2023	Initial release

Back to Security Notices

Network Attached Storage

Portable Solid State Drive (SSD)

External Hard Drives

While Supplies Last

Optical Drives

Multi-Gigabit Switches

Accessories

View All

Latest Article

Buffalo Americas Product Life Cycle Status Change Notice - BS-MP2008 & BS-MP2012 Business Switches

OpenSSL DoS related to s3clntc and s3srvrc

OpenSSL may allow remote attackers to perform a Denial of Service (DoS) attack related to s3_clnt.c and s3_srvr.c