virus logo FortiClient Vulnerability

OpenSSL CVE-2015-0291 Vulnerability

description-logoDescription

Severity: HighIf a client connects to an OpenSSL 1.0.2 server and renegotiates with aninvalid signature algorithms extension a NULL pointer dereference will occur.This can be exploited in a DoS attack against the server.This issue affects OpenSSL version: 1.0.2OpenSSL 1.0.2 users should upgrade to 1.0.2a.This issue was was reported to OpenSSL on 26th February 2015 by David Ramosof Stanford University. The fix was developed by Stephen Henson and MattCaswell of the OpenSSL development team.

affected-products-logoAffected Applications

OpenSSL

CVE References

CVE-2015-0291

Other References

https://www.openssl.org/news/vulnerabilities.html
ID 39821
Created Jan 17, 2020
Description
Updated		 Dec 19, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Linux
Vendor OpenSSL
Patch manual
Application OpenSSL