Candidate: CVE-2010-0740
PublicDate: 2010-03-26 18:30:00 UTC
References: 
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0740
 http://www.openssl.org/news/secadv_20100324.txt
Description:
 The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through
 0.9.8m allows remote attackers to cause a denial of service (crash) via a
 malformed record in a TLS connection that triggers a NULL pointer
 dereference, related to the minor version number.  NOTE: some of these
 details are obtained from third party information.
Ubuntu-Description: 
Notes: 
 jdstrand> according to upstream, if 'short' is a 16-bit integer, this issue
  applies only to OpenSSL 0.9.8m, otherwise it affects 0.9.8f through 0.9.8m.
  Confirmed that on all releases of Ubuntu on all architectures that 'short' is
  2 bytes. (8.10/sparc and 10.04/armel could not be checked)
Bugs: 
Priority: medium
Discovered-by:
Assigned-to: jdstrand
CVSS: 

Patches_openssl:
upstream_openssl: released (0.9.8n)
dapper_openssl: not-affected (0.9.8a-7ubuntu0.11)
hardy_openssl: not-affected (2-byte short)
intrepid_openssl: not-affected (2-byte short)
jaunty_openssl: not-affected (2-byte short)
karmic_openssl: not-affected (2-byte short)
devel_openssl: released (0.9.8k-7ubuntu8)