Oval Definition:	oval:org.mitre.oval:def:26169
Revision Date: 2014-11-17 Version: 15 Title: AIX OpenSSL Denial of Service due to NULL pointer dereference Description: The ssl3_send_client_key_exchange function in s3_clnt.c in OpenSSL 0.9.8 before 0.9.8zb, 1.0.0 before 1.0.0n, and 1.0.1 before 1.0.1i allows remote DTLS servers to cause a denial of service (NULL pointer dereference and client application crash) via a crafted handshake message in conjunction with a (1) anonymous DH or (2) anonymous ECDH ciphersuite. Family: unix Class: vulnerability Status: ACCEPTED Reference(s): CVE-2014-3510 Platform(s): IBM AIX 6.1 IBM AIX 7.1 Product(s): Definition Synopsis platforms IBM AIX 6.1 is installed OR IBM AIX 7.1 is installed AND filesets File Version Exists openssl.base greater than or equal 1.0.1.500 AND openssl.base less than or equal 1.0.1.511 OR File Version Exists openssl.base greater than or equal 0.9.8.401 AND openssl.base less than or equal 0.9.8.2502 OR File Version Exists openssl.base greater than or equal 12.9.8.1100 AND openssl.base less than or equal 12.9.8.2502
BACK