CVE-2013-6450

Description

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.

CVSS Version 2.0

nvd
CVE ID: CVE-2013-6450
Base Score: 5.8
Base Severity: MEDIUM
Vector String:AV:N/AC:M/Au:N/C:N/I:P/A:P

Refrence: NVD

Description​

Description