January 20, 2012 9:15 AM ET
OpenSSL DTLS Bug Lets Remote Users Deny Service
Only DTLS applications using OpenSSL 1.0.0f and 0.9.8s are affected.
A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack.
A vulnerability was reported in OpenSSL. The fix to correct the Datagram Transport Layer Security (DTLS) vulnerability referenced by CVE-2011-4108 introduced a flaw. A remote user can send specially crafted data to cause denial of service conditions on the target system.
A remote user can cause denial of service conditions.