Unrated severityNVD Advisory· Published Dec 6, 2015· Updated Jun 17, 2026
CVE-2015-1794
CVE-2015-1794
Description
The ssl3_get_key_exchange function in ssl/s3_clnt.c in OpenSSL 1.0.2 before 1.0.2e allows remote servers to cause a denial of service (segmentation fault) via a zero p value in an anonymous Diffie-Hellman (DH) ServerKeyExchange message.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
- cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
- (no CPE)range: <1.0.2e
Patches
Vulnerability mechanics
References
13- openssl.org/news/secadv/20151203.txtnvdVendor Advisory
- fortiguard.com/advisory/openssl-advisory-december-2015nvd
- kb.juniper.net/InfoCenter/indexnvd
- kb.juniper.net/InfoCenter/indexnvd
- lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.htmlnvd
- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151204-opensslnvd
- www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.htmlnvd
- www.securitytracker.com/id/1034294nvd
- www.slackware.com/security/viewer.phpnvd
- www.ubuntu.com/usn/USN-2830-1nvd
- cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfnvd
- git.openssl.orgnvd
- h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplaynvd
News mentions
0No linked articles in our index yet.