All versions of OpenSSL up to and including 0.9.6j and 0.9.7b are affected, according to an advisory by the OpenSSL Project, the group that develops the software. All versions of SSLeay are also susceptible, as is any application that makes use of OpenSSL's ASN.1 library to parse untrusted data.
OpenSSL is an open source implementation of the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols, which provide encryption and other security services for Web and e-mail applications. The actual flaw lies in how OpenSSL implements the Abstract Syntax Notation One (ASN.1) data format.
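The version bounds given above can be turned into an inventory triage check. The following is an added example, not code from the advisory or the OpenSSL Project; the host names and banner strings are constructed, and treating releases newer than the two named bounds as outside this advisory is an assumption.

```python
import re

# Last affected release on each branch, taken from the advisory summary above.
LAST_AFFECTED = {"0.9.6-and-older": (0, 9, 6, "j"), "0.9.7": (0, 9, 7, "b")}

# Matches "OpenSSL 0.9.6j" (library version output) and "OpenSSL/0.9.6b" (server banner).
_OPENSSL_RE = re.compile(r"OpenSSL[ /](\d+)\.(\d+)\.(\d+)([a-z]*)")
_SSLEAY_RE = re.compile(r"\bSSLeay\b")


def parse_openssl_version(text):
    """Return (major, minor, fix, letter), or None if no OpenSSL version is present."""
    m = _OPENSSL_RE.search(text)
    if m is None:
        return None
    return (int(m.group(1)), int(m.group(2)), int(m.group(3)), m.group(4))


def is_affected(text):
    """True/False for a recognised version string, None when it cannot be judged."""
    version = parse_openssl_version(text)
    if version is None:
        # The advisory lists every SSLeay release as susceptible.
        return True if _SSLEAY_RE.search(text) else None
    if version[:3] == (0, 9, 7):
        return version <= LAST_AFFECTED["0.9.7"]
    # Assumption: releases newer than the two named bounds are outside this advisory.
    return version <= LAST_AFFECTED["0.9.6-and-older"]


def triage(inventory):
    """Split {host: version string} into affected, unaffected and unknown host lists."""
    result = {"affected": [], "unaffected": [], "unknown": []}
    for host, banner in sorted(inventory.items()):
        verdict = is_affected(banner)
        key = "unknown" if verdict is None else ("affected" if verdict else "unaffected")
        result[key].append(host)
    return result


# Constructed sample inventory (hypothetical hosts and banners).
SAMPLE_INVENTORY = {
    "web01": "OpenSSL 0.9.6j",
    "web02": "Apache/1.3.27 (Unix) mod_ssl/2.8.12 OpenSSL/0.9.6b",
    "mail01": "OpenSSL 0.9.7b",
    "mail02": "OpenSSL 0.9.7c",
    "legacy01": "SSLeay 0.9.0b",
    "proxy01": "GnuTLS 1.0",
}

if __name__ == "__main__":
    for bucket, hosts in triage(SAMPLE_INVENTORY).items():
        print(bucket, hosts)
```

A version string only describes the library it was read from, so applications that link their own copy of OpenSSL's ASN.1 code need to be checked separately.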
The link for this article located at SearchSecurity is no longer available.