漏洞类别:Local
漏洞等级: 
漏洞信息
A denial of service flaw was found in the way the SSL/TLS protocol, defined processing of ALERT packets during an SSL handshake. An attacker could use this flaw to DoS servers compiled against cryptographic libraries, which do not allocate an extra thread to process ClientHello packets.
This flaw affects applications that are compiled against OpenSSL or GnuTLS and do not allocate an extra thread for processing ClientHello messages. Nginx is affected by this issue; Apache httpd is not affected by this issue.
Affected Versions:
OpenSSL under Red Hat Enterprise Linux 5,6,7
漏洞危害
An exploit could allow the attacker to cause a denial of service condition.
解决方案
There are no vendor supplied patches available at this time. Note : Red Hat already marked this vulnerability as Won't fixRed Hat CVE-2016-8610
0day
文章评论