PT-2007-1117 · OpenSSL +3
Published: 2007-10-12 · Updated: 2018-10-15
CVE-2007-4995
CVSS v2.0: 9.3 (High)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Name of the Vulnerable Software and Affected Versions:
OpenSSL versions prior to 0.9.8f
Gentoo Linux (affected versions not specified)
1C:Предприятие (affected versions not specified)
Description:
An off-by-one error in the DTLS implementation of OpenSSL can be exploited remotely. Exploitation can lead to execution of arbitrary code and loss of confidentiality, integrity, and availability of protected information, and may allow an attacker to obtain access to encrypted data without knowledge of the encryption key.
Recommendations:
For OpenSSL versions prior to 0.9.8f, update to version 0.9.8f or later.
For Gentoo Linux, update the OpenSSL package to a version that includes the fix for this issue.
For 1C:Предприятие, consider restricting access to the vulnerable components of the system until a patch is available, and update the OpenSSL package to a version that includes the fix for this issue.
As a temporary workaround, consider disabling the use of DTLS in OpenSSL until a patch is available.
Fix
RCE
Affected Products
1С:Предприятие
Gentoo Linux
OpenSSL
Red Hat