RHEL が CVE-2014-0221 から受ける影響

Solution Verified - Updated -

Issue

  • CVE-2014-0221 openssl の解決方法は? 無効な DTLS ハンドシェイクを送る際の Dosは?

  • CVE-2014-0221 は EWS へ影響しますか? 最新の Red Hat JBoss Web Apache HTTP Server (2.2.22) にセキュリティーアドバイザリーのパッチを適用しましたが CVE-2014-0221 が残っています。

  • CVE-2014-0221の対策方法は ?

A denial of service flaw was found in the way OpenSSL handled certain DTLS ServerHello requests.
A specially crafted DTLS handshake packet could cause a DTLS client using OpenSSL to crash. 

Environment

  • Red Hat Enterprise Linux version 5 (openssl)

  • Red Hat Enterprise Linux version 6 (openssl)

  • Red Hat Enterprise Linux version 7 (openssl)

  • Red Hat Storage Server 2.1 (openssl)

  • Red Hat JBoss Enterprise Application Platform 6.3

  • Red Hat JBoss Web Server 2.1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In