ID de Prueba:	1.3.6.1.4.1.25623.1.0.152059
Categoría:	Denial of Service
Título:	OpenSSL DoS Vulnerability (20240408) - Windows
Resumen:	OpenSSL is prone to a denial of service (DoS) vulnerability.
Descripción:	Summary: OpenSSL is prone to a denial of service (DoS) vulnerability. Vulnerability Insight: Some non-default TLS server configurations can cause unbounded memory growth when processing TLSv1.3 sessions. Vulnerability Impact: An attacker may exploit certain server configurations to trigger unbounded memory growth that would lead to a Denial of Service. Affected Software/OS: OpenSSL versions 1.1.1, 3.0, 3.1 and 3.2. Solution: Update to version 1.1.1y, 3.0.14, 3.1.6, 3.2.2 or later. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-2511 1.1.1y git commit https://github.openssl.org/openssl/extended-releases/commit/5f8d25770ae6437db119dfc951e207271a326640 3.0.14 git commit https://github.com/openssl/openssl/commit/b52867a9f618bb955bed2a3ce3db4d4f97ed8e5d 3.1.6 git commit https://github.com/openssl/openssl/commit/7e4d731b1c07201ad9374c1cd9ac5263bdf35bce 3.2.2 git commit https://github.com/openssl/openssl/commit/e9d7083e241670332e0443da0f0d4ffb52829f08 OpenSSL Advisory https://www.openssl.org/news/secadv/20240408.txt http://www.openwall.com/lists/oss-security/2024/04/08/5
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.