Denial of Service Vulnerability in OpenSSL's Server Gated Cryptography (SGC) Implementation

Denial of Service Vulnerability in OpenSSL's Server Gated Cryptography (SGC) Implementation

CVE-2011-4619 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The Server Gated Cryptography (SGC) implementation in OpenSSL before 0.9.8s and 1.x before 1.0.0f does not properly handle handshake restarts, which allows remote attackers to cause a denial of service (CPU consumption) via unspecified vectors.

Learn more about our Cis Benchmark Audit For Server Software.