RHEL が CVE-2014-0221 から受ける影響

Solution Verified - Updated -

Issue

  • CVE-2014-0221 openssl の解決方法は? 無効な DTLS ハンドシェイクを送る際の Dosは?

  • CVE-2014-0221 は EWS へ影響しますか? 最新の Red Hat JBoss Web Apache HTTP Server (2.2.22) にセキュリティーアドバイザリーのパッチを適用しましたが CVE-2014-0221 が残っています。

  • CVE-2014-0221の対策方法は ?

A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests.
A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash.

Environment

  • Red Hat Enterprise Linux version 5 (openssl)

  • Red Hat Enterprise Linux version 6 (openssl)

  • Red Hat Enterprise Linux version 7 (openssl)

  • Red Hat Storage Server 2.1 (openssl)

  • Red Hat JBoss Enterprise Application Platform 6.3

  • Red Hat JBoss Web Server 2.1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Close

Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.