PolarSSL Vulnerability (CVE-2014-9744)
PolarSSL Vulnerability (CVE-2014-9744)
Release date:
Updated on:
Affected Systems:
PolarSSL <1.3.9
Description:
CVE (CAN) ID: CVE-2014-9744
PolarSSL (mbed TLS) is a dual-Authorization Implementation of SSL, TLS Protocol, its encryption algorithm, and supported algorithms.
PolarSSL versions earlier than 1.3.9 have the memory leakage vulnerability. A remote attacker can exploit this vulnerability to cause denial of service (memory depletion) through a large number of ClientHello messages ).
<* Source: PolarSSL
*>
Suggestion:
Vendor patch:
PolarSSL
--------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://lists.opensuse.org/opensuse-updates/2014-11/msg00079.html
Https://polarssl.org/tech-updates/releases/polarssl-1.3.9-released
PolarSSL details: click here
PolarSSL: click here
This article permanently updates the link address: