OpenSSL · OpenSSL · CVE-2015-1794
**Name of the Vulnerable Software and Affected Versions**
OpenSSL versions prior to 1.0.2e
**Description**
The issue allows remote servers to cause a denial of service (a segmentation fault in the client) by sending an anonymous Diffie-Hellman (DH) ServerKeyExchange message with a zero p value. The flaw is in the `ssl3_get_key_exchange` function.
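The following is an added illustration, not OpenSSL's code or its patch, of the kind of check the description implies: parse the three length-prefixed fields of ServerDHParams and reject zero values before any DH arithmetic is attempted. It goes slightly beyond the zero-p case by also rejecting a zero g or Ys and an even p; the function name, enum values and sample byte strings are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

enum dh_check { DH_OK = 0, DH_MALFORMED, DH_ZERO_VALUE, DH_EVEN_P };

/* Read one opaque<1..2^16-1> vector: 2-byte big-endian length, then data. */
static int read_vec(const uint8_t **cur, const uint8_t *end,
                    const uint8_t **out, size_t *len)
{
    if (end - *cur < 2) return -1;
    *len = ((size_t)(*cur)[0] << 8) | (*cur)[1];
    *cur += 2;
    if (*len == 0 || (size_t)(end - *cur) < *len) return -1;
    *out = *cur;
    *cur += *len;
    return 0;
}

/* A big-endian integer is zero when every byte is zero. */
static int is_zero(const uint8_t *v, size_t len)
{
    while (len && v[len - 1] == 0) len--;
    return len == 0;
}

/* Validate dh_p, dh_g, dh_Ys (ServerDHParams, RFC 5246 section 7.4.3). */
enum dh_check check_server_dh_params(const uint8_t *msg, size_t msg_len)
{
    const uint8_t *cur = msg, *end = msg + msg_len, *p = NULL, *g = NULL, *ys = NULL;
    size_t p_len = 0, g_len = 0, ys_len = 0;
    if (read_vec(&cur, end, &p, &p_len) || read_vec(&cur, end, &g, &g_len) ||
        read_vec(&cur, end, &ys, &ys_len))
        return DH_MALFORMED;
    if (is_zero(p, p_len) || is_zero(g, g_len) || is_zero(ys, ys_len))
        return DH_ZERO_VALUE;      /* covers the zero-p case in this advisory */
    if ((p[p_len - 1] & 1) == 0)
        return DH_EVEN_P;          /* a prime modulus above 2 is always odd */
    return DH_OK;
}

/* Constructed samples with toy sizes, not real DH groups. */
const uint8_t ZERO_P[] = {0,2,0x00,0x00, 0,1,0x02, 0,1,0x05};
const uint8_t VALID[]  = {0,1,0x17, 0,1,0x05, 0,1,0x08};
const uint8_t EVEN_P[] = {0,1,0x16, 0,1,0x05, 0,1,0x08};

int main(void)
{
    printf("zero p -> %d\n", check_server_dh_params(ZERO_P, sizeof ZERO_P));
    return 0;
}
```

In an anonymous DH exchange the ServerKeyExchange body carries only these three fields, so a client has no signature to fall back on and must validate the parameters itself.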
**Recommendations**
For versions prior to 1.0.2e, update to version 1.0.2e or later to resolve the issue. As a temporary workaround, consider restricting the use of anonymous Diffie-Hellman ciphers to minimize the risk of exploitation.