OpenSSL CVE-2012-2686 Weak Encryption Vulnerability
Description
A flaw in the OpenSSL handling of CBC ciphersuites in TLS 1.1 and TLS 1.2 onAES-NI supporting platforms can be exploited in a DoS attack. If you areunsure if you are using AES-NI see "References" below.Anyone using an AES-NI platform for TLS 1.2 or TLS 1.1 on OpenSSL 1.0.1c isaffected. Platforms which do not support AES-NI or versions of OpenSSL whichdo not implement TLS 1.2 or 1.1 (for example OpenSSL 0.9.8 and 1.0.0) arenot affected.Thanks go to Adam Langley
Affected Applications
OpenSSL