PT-2011-1151 · Openssl+2

Vincent Danen · Published 2011-09-06 · Updated 2014-10-24 · CVE-2011-3210

CVSS v2.0: 10 (High)
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions

OpenSSL versions 0.9.8 through 0.9.8r and 1.0.x before 1.0.0e
Gentoo Linux (affected versions not specified)

Description

The issue affects the ephemeral ECDH ciphersuite functionality, which does not ensure thread safety during processing of handshake messages from clients. This can be exploited remotely, potentially leading to a denial of service (daemon crash) via out-of-order messages that violate the TLS protocol. The exploitation of these vulnerabilities may compromise the confidentiality, integrity, and availability of protected information.

Recommendations

For OpenSSL versions 0.9.8 through 0.9.8r, update to a version that ensures thread safety during handshake message processing. For OpenSSL versions 1.0.x before 1.0.0e, update to version 1.0.0e or later to address the issue. As a temporary workaround, consider restricting access to the ephemeral ECDH ciphersuite functionality until a patch is available.
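To triage an inventory against the affected ranges listed above, the following added example (not part of the original advisory) parses legacy OpenSSL version strings with their patch-letter suffix and flags those inside the ranges. The function names and the sample inventory are hypothetical and constructed for illustration.

```python
import re

# Legacy OpenSSL versions look like "1.0.0e": three numbers plus optional
# patch letters ("0.9.8r", later "0.9.8zh"). Build tags such as "-fips"
# may follow and are ignored.
_VERSION_RE = re.compile(r"\b(\d+)\.(\d+)\.(\d+)([a-z]*)(?![\w.])")


def parse_openssl_version(text):
    """Return (major, minor, fix, letters) from e.g. `openssl version` output."""
    m = _VERSION_RE.search(text)
    if m is None:
        raise ValueError(f"no OpenSSL version found in {text!r}")
    major, minor, fix, letters = m.groups()
    # Patch letters order lexicographically: "" < "a" < ... < "r" < "z" < "za".
    return int(major), int(minor), int(fix), letters


def is_affected(text):
    """True if the version falls in the ranges this advisory lists."""
    v = parse_openssl_version(text)
    in_098 = (0, 9, 8, "") <= v <= (0, 9, 8, "r")   # 0.9.8 through 0.9.8r
    in_100 = (1, 0, 0, "") <= v < (1, 0, 0, "e")    # 1.0.x before 1.0.0e
    return in_098 or in_100


def affected_hosts(inventory):
    """Return the sorted host names whose reported version is affected."""
    return sorted(h for h, banner in inventory.items() if is_affected(banner))


# Constructed sample inventory (hypothetical hosts and version banners).
SAMPLE_INVENTORY = {
    "web-01": "OpenSSL 0.9.8r",
    "web-02": "OpenSSL 1.0.0e-fips",
    "mail-01": "OpenSSL 1.0.0d",
    "vpn-01": "OpenSSL 0.9.8zh",
    "old-01": "OpenSSL 0.9.7m",
}

if __name__ == "__main__":
    # Distribution packages may backport the fix without changing this
    # string, so treat a hit as a lead to verify against the vendor advisory.
    for host in affected_hosts(SAMPLE_INVENTORY):
        print(f"{host}: {SAMPLE_INVENTORY[host]} is in the affected range")
```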

Fix

DoS

Weakness Enumeration

Related Identifiers

BDU:2015-09418
CVE-2011-3210
HPSBUX02734
OPENSUSE-SU-2024:10271-1
OPENSUSE-SU-2024:10529-1
SUSE-FU-2022:0445-1
SUSE-SU-2015:1184-1
SUSE-SU-403

Affected Products

Gentoo Linux
HP-UX
OpenSSL