Unrated severityNVD Advisory· Published May 19, 2009· Updated Apr 23, 2026
CVE-2009-1377
CVE-2009-1377
Description
The dtls1_buffer_record function in ssl/d1_pkt.c in OpenSSL 0.9.8k and earlier 0.9.8 versions allows remote attackers to cause a denial of service (memory consumption) via a large series of "future epoch" DTLS records that are buffered in a queue, aka "DTLS record buffer limitation bug."
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
35- cvs.openssl.org/chngviewnvdBroken LinkPatchThird Party Advisory
- marc.infonvdMailing ListPatchThird Party Advisory
- rt.openssl.org/Ticket/Display.htmlnvdBroken LinkMailing ListPatchThird Party Advisory
- ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-009.txt.ascnvdBroken LinkThird Party Advisory
- h20000.www2.hp.com/bizsupport/TechSupport/Document.jspnvdBroken LinkThird Party Advisory
- lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.htmlnvdThird Party Advisory
- lists.vmware.com/pipermail/security-announce/2010/000082.htmlnvdThird Party Advisory
- secunia.com/advisories/35128nvdThird Party AdvisoryVendor Advisory
- secunia.com/advisories/35416nvdThird Party Advisory
- secunia.com/advisories/35461nvdThird Party Advisory
- secunia.com/advisories/35571nvdThird Party Advisory
- secunia.com/advisories/35729nvdThird Party Advisory
- secunia.com/advisories/36533nvdThird Party Advisory
- secunia.com/advisories/37003nvdThird Party Advisory
- secunia.com/advisories/38761nvdThird Party Advisory
- secunia.com/advisories/38794nvdThird Party Advisory
- secunia.com/advisories/38834nvdThird Party Advisory
- secunia.com/advisories/42724nvdThird Party Advisory
- secunia.com/advisories/42733nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-200912-01.xmlnvdThird Party Advisory
- slackware.com/security/viewer.phpnvdMailing ListThird Party Advisory
- voodoo-circle.sourceforge.net/sa/sa-20091012-01.htmlnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2009-1335.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/35001nvdThird Party AdvisoryVDB Entry
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-792-1nvdThird Party Advisory
- www.vupen.com/english/advisories/2009/1377nvdPermissions RequiredThird Party Advisory
- www.vupen.com/english/advisories/2010/0528nvdPermissions RequiredThird Party Advisory
- launchpad.net/bugs/cve/2009-1377nvdThird Party Advisory
- sourceforge.net/mailarchive/message.phpnvdBroken Link
- www.mandriva.com/security/advisoriesnvdBroken Link
- www.openwall.com/lists/oss-security/2009/05/18/1nvdMailing List
- kb.bluecoat.com/indexnvdBroken Link
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6683nvdTool Signature
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9663nvdTool Signature
News mentions
0No linked articles in our index yet.