Original Publication Date: 28-08-2014
On 26thAugust 2014, the OpenSSL team released an update which fixed the OpenSSL DTLS Memory Exhaustion Vulnerability. Cyberoam recommends all the DTLS users to upgrade OpenSSL 0.9.8versions to 0.9.8zb, 1.0.0 versions to 1.0.0n and 1.0.1 versions to 1.0.1i. For more information, please refer DTLS Memory Exhaustion Vulnerability.
Note:Cyberoam Threat Research Labs is currently studying this vulnerability and shall announce a remedial solution shortly. Once, we have the solution the advisory will be updated.
What is the OpenSSL DTLS Memory Exhaustion Vulnerability?
· OpenSSL 0.9.8 versions prior to 0.9.8zb
· OpenSSL 1.0.0 versions prior to 1.0.0n
· OpenSSL 1.0.1 versions prior to 1.0.1i
28 August 2014
Initial public release containing information on the Vulnerability.
Every comment submitted here is read (by a human) but we do not reply to specific technical questions. For technical support post a question to the community. Or click here for new feature/product improvements. Alternatively for paid/licensed products open a support ticket.