The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
2016-09-16T05:59:12.003
2025-04-12T10:46:40.837
Deferred
CVSSv3.0: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:N/I:N/A:P
10.0
2.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | openssl | openssl | 1.0.1 | Yes |
| Application | openssl | openssl | 1.0.1a | Yes |
| Application | openssl | openssl | 1.0.1b | Yes |
| Application | openssl | openssl | 1.0.1c | Yes |
| Application | openssl | openssl | 1.0.1d | Yes |
| Application | openssl | openssl | 1.0.1e | Yes |
| Application | openssl | openssl | 1.0.1f | Yes |
| Application | openssl | openssl | 1.0.1g | Yes |
| Application | openssl | openssl | 1.0.1h | Yes |
| Application | openssl | openssl | 1.0.1i | Yes |
| Application | openssl | openssl | 1.0.1j | Yes |
| Application | openssl | openssl | 1.0.1k | Yes |
| Application | openssl | openssl | 1.0.1l | Yes |
| Application | openssl | openssl | 1.0.1m | Yes |
| Application | openssl | openssl | 1.0.1n | Yes |
| Application | openssl | openssl | 1.0.1o | Yes |
| Application | openssl | openssl | 1.0.1p | Yes |
| Application | openssl | openssl | 1.0.1q | Yes |
| Application | openssl | openssl | 1.0.1r | Yes |
| Application | openssl | openssl | 1.0.1s | Yes |
| Application | openssl | openssl | 1.0.1t | Yes |
| Application | openssl | openssl | 1.0.2 | Yes |
| Application | openssl | openssl | 1.0.2a | Yes |
| Application | openssl | openssl | 1.0.2b | Yes |
| Application | openssl | openssl | 1.0.2c | Yes |
| Application | openssl | openssl | 1.0.2d | Yes |
| Application | openssl | openssl | 1.0.2e | Yes |
| Application | openssl | openssl | 1.0.2f | Yes |
| Application | openssl | openssl | 1.0.2g | Yes |
| Application | openssl | openssl | 1.0.2h | Yes |
| Operating System | oracle | linux | 6 | Yes |
| Operating System | oracle | linux | 7 | Yes |
| Operating System | oracle | solaris | 10 | Yes |
| Operating System | oracle | solaris | 11.3 | Yes |