Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm.
References
Configurations
Configuration 1 (hide)
|
History
13 Feb 2023, 02:18
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Summary | Memory leak in the zlib_stateful_init function in crypto/comp/c_zlib.c in libssl in OpenSSL 0.9.8f through 0.9.8h allows remote attackers to cause a denial of service (memory consumption) via multiple calls, as demonstrated by initial SSL client handshakes to the Apache HTTP Server mod_ssl that specify a compression algorithm. |
02 Feb 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
Summary | CVE-2008-1678 httpd: mod_ssl per-connection memory leak for connections with zlib compression | |
References |
|
Information
Published : 2008-07-10 17:41
Updated : 2023-12-10 10:51
NVD link : CVE-2008-1678
Mitre link : CVE-2008-1678
CVE.ORG link : CVE-2008-1678
JSON object : View
Products Affected
openssl
- openssl
CWE
CWE-399
Resource Management Errors