Debian DSA-2392-1 : openssl - out-of-bounds read
Medium Nessus Plugin ID 57643
SynopsisThe remote Debian host is missing a security-related update.
DescriptionAntonio Martin discovered a denial-of-service vulnerability in OpenSSL, an implementation of TLS and related protocols. A malicious client can cause the DTLS server implementation to crash. Regular, TCP-based TLS is not affected by this issue.
SolutionUpgrade the openssl packages.
For the oldstable distribution (lenny), this problem has been fixed in version 0.9.8g-15+lenny16.
For the stable distribution (squeeze), this problem has been fixed in version 0.9.8o-4squeeze7.