Please sign in to comment.
Fix DHE Null CKE vulnerability
If client auth is used then a server can seg fault in the event of a DHE cipher being used and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. CVE-2015-1787 Reviewed-by: Richard Levitte <firstname.lastname@example.org>
- Loading branch information...