OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.
Base Score: 5
Impact Score: 2.9
Exploitability Score: 10
cpe:2.3:a:openbsd:opensmtpd:*:*:*:*:*:*:*:* versions up to 5.3.1 (inclusive)
View all (1 total)