OpenSSL CVE-2015-1787 Input Validation Bypass Vulnerability

Description

Severity: Moderate

If client auth is used then a server can seg fault in the event of a DHE ciphersuite being selected and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack.

This issue affects OpenSSL version: 1.0.2

OpenSSL 1.0.2 users should upgrade to 1.0.2a.

This issue was discovered and the fix was developed by Matt Caswell of the OpenSSL development team.

Affected Applications

OpenSSL

CVE References

CVE-2015-1787