CVE-2014-3488
Published: 31 July 2014
The SslHandler in Netty before 3.9.2 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a crafted SSLv2Hello message.
Notes
Author | Note |
---|---|
seth-arnold | only 3.9.x branch affected |
Priority
Status
Package | Release | Status |
---|---|---|
netty Launchpad, Ubuntu, Debian |
lucid |
Not vulnerable
|
precise |
Not vulnerable
|
|
saucy |
Not vulnerable
|
|
trusty |
Not vulnerable
|
|
upstream |
Released
(3.9.2.Final)
|
|
Patches: upstream: https://github.com/netty/netty/commit/2fa9400a59d0563a66908aba55c41e7285a04994 |