Reset Search
 

 

Article

SA40886 - ssl3_read_bytes Function Denial of Service Vulnerability (CVE-2016-8610)

« Go Back

Information

 
Product Affected
Problem
A denial of service flaw due to improperly handling of warning packets during a TLS/SSL connection handshake. A remote attacker could use this flaw to consume an excessive amount of CPU and fail to accept connections from other endpoints.

PSIRT is not aware of any malicious exploitation of this vulnerability.
Solution
The following software releases have been updated to resolve this specific issue: PCS 8.3R1, 8.2R7, 8.1R12 and PPS 5.4R1, 5.3R7, 5.2R9, 5.1R12.
Workaround
Implementation
Related Links
CVSS Score7.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Risk Assessment
Acknowledgements
Alert TypeSA - Security Advisory
Risk LevelMedium
Attachment 1 
Attachment 2 
Legacy ID

Feedback

 

Was this article helpful?


   

Feedback

Please tell us how we can make this article more useful.

Characters Remaining: 255