Please sign in to comment.
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Fix DHE Null CKE vulnerability
If client auth is used then a server can seg fault in the event of a DHE cipher being used and a zero length ClientKeyExchange message being sent by the client. This could be exploited in a DoS attack. CVE-2015-1787 Reviewed-by: Richard Levitte <email@example.com>
- Loading branch information