PT-2009-1102 · Openssl+1
Tomas Hoger
·
Published
2009-02-05
·
Updated
2024-06-15
·
CVE-2009-1387
CVSS v2.0
5.8
Medium
| Vector | AV:N/AC:M/Au:N/C:N/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
OpenSSL versions prior to 1.0.0 Beta 2
OpenSSL versions prior to 0.9.8l-r2
Description
The dtls1_retrieve_buffered_fragment function in ssl/d1_both.c can dereference a NULL pointer when it handles an out-of-sequence DTLS handshake message, a flaw referred to as the "fragment bug". A remote attacker who can send UDP datagrams to a DTLS endpoint can trigger the crash without authenticating, causing a denial of service of the affected daemon. The CVSS vector also records a partial integrity impact, but the practical effect is loss of availability.
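The following is an added example, not OpenSSL's own code: a constructed model of a DTLS handshake receiver that buffers out-of-sequence messages and retrieves them later, written to show the defensive check this bug class needs. The wire format parsed is the real 12-byte DTLS handshake header (msg_type, 24-bit length, 16-bit message_seq, 24-bit fragment_offset, 24-bit fragment_length). All function and type names (`parse_hs_header`, `buffer_fragment`, `retrieve_buffered_fragment`, `dtls_hs_state`) are assumptions of this example, and a queue entry with a NULL body is a simulated failure mode, not a description of how OpenSSL's queue ends up in that state.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define DTLS_HS_HDR_LEN 12
#define MAX_BUFFERED 8

/* DTLS handshake header fields (RFC 4347 section 4.2.2), 12 bytes on the wire. */
typedef struct {
    uint8_t  msg_type;
    uint32_t length;        /* 24-bit total message length */
    uint16_t message_seq;   /* handshake message sequence number */
    uint32_t frag_offset;   /* 24-bit */
    uint32_t frag_length;   /* 24-bit */
} hs_header;

typedef struct {
    hs_header hdr;
    uint8_t  *data;         /* fragment body; NULL models an entry whose body was never stored */
    size_t    data_len;
} hs_fragment;

typedef struct {
    uint16_t     expected_seq;              /* next message_seq we will accept */
    hs_fragment *buffered[MAX_BUFFERED];    /* out-of-sequence messages held back */
    size_t       nbuffered;
    uint16_t     last_delivered_seq;
} dtls_hs_state;

static uint32_t get24(const uint8_t *p) { return ((uint32_t)p[0] << 16) | ((uint32_t)p[1] << 8) | p[2]; }

/* Parse the handshake header and check the fragment fits the datagram and the message. */
int parse_hs_header(const uint8_t *buf, size_t len, hs_header *h)
{
    if (buf == NULL || h == NULL || len < DTLS_HS_HDR_LEN) return -1;
    h->msg_type    = buf[0];
    h->length      = get24(buf + 1);
    h->message_seq = (uint16_t)(((uint16_t)buf[4] << 8) | buf[5]);
    h->frag_offset = get24(buf + 6);
    h->frag_length = get24(buf + 9);
    if (h->frag_offset + h->frag_length > h->length) return -1;   /* fragment outside message */
    if (len - DTLS_HS_HDR_LEN < h->frag_length) return -1;        /* truncated datagram */
    return 0;
}

void dtls_hs_init(dtls_hs_state *s) { memset(s, 0, sizeof *s); }

/* Hold an out-of-sequence message. data == NULL is only used here to simulate the failure mode. */
int buffer_fragment(dtls_hs_state *s, const hs_header *h, const uint8_t *data, size_t len)
{
    if (s->nbuffered >= MAX_BUFFERED) return -1;
    hs_fragment *f = calloc(1, sizeof *f);
    if (f == NULL) return -1;
    f->hdr = *h;
    if (data != NULL) {
        f->data = malloc(len ? len : 1);
        if (f->data == NULL) { free(f); return -1; }
        memcpy(f->data, data, len);
        f->data_len = len;
    }
    s->buffered[s->nbuffered++] = f;
    return 0;
}

static void free_fragment(hs_fragment *f) { if (f) { free(f->data); free(f); } }

/* Deliver the buffered message whose seq matches expected_seq, if any.
   Returns 1 if delivered, 0 if nothing is ready, -1 if the entry was unusable and discarded. */
int retrieve_buffered_fragment(dtls_hs_state *s)
{
    for (size_t i = 0; i < s->nbuffered; i++) {
        hs_fragment *f = s->buffered[i];
        if (f->hdr.message_seq != s->expected_seq) continue;
        s->buffered[i] = s->buffered[--s->nbuffered];   /* unlink before touching the body */
        /* The check that matters: never use a queued entry whose body is missing or
           inconsistent with its header; discard it and report an error instead of crashing. */
        if (f->data == NULL || f->data_len != f->hdr.frag_length) {
            free_fragment(f);
            return -1;
        }
        s->last_delivered_seq = f->hdr.message_seq;
        s->expected_seq++;
        free_fragment(f);
        return 1;
    }
    return 0;
}

/* Feed one datagram payload. Returns 1 delivered now, 2 buffered, 0 old/duplicate dropped, -1 malformed. */
int process_handshake_message(dtls_hs_state *s, const uint8_t *buf, size_t len)
{
    hs_header h;
    if (parse_hs_header(buf, len, &h) != 0) return -1;
    if (h.message_seq < s->expected_seq) return 0;
    if (h.message_seq > s->expected_seq)
        return buffer_fragment(s, &h, buf + DTLS_HS_HDR_LEN, h.frag_length) == 0 ? 2 : -1;
    s->last_delivered_seq = h.message_seq;
    s->expected_seq++;
    return 1;
}

/* Build a constructed, unfragmented handshake message for testing. Returns bytes written, 0 on error. */
size_t build_hs_message(uint8_t *out, size_t cap, uint8_t type, uint16_t seq, const uint8_t *body, size_t body_len)
{
    if (cap < DTLS_HS_HDR_LEN + body_len || body_len > 0xFFFFFF) return 0;
    out[0] = type;
    out[1] = (uint8_t)(body_len >> 16); out[2] = (uint8_t)(body_len >> 8); out[3] = (uint8_t)body_len;
    out[4] = (uint8_t)(seq >> 8); out[5] = (uint8_t)seq;
    out[6] = out[7] = out[8] = 0;                 /* frag_offset 0 */
    out[9] = out[1]; out[10] = out[2]; out[11] = out[3];   /* frag_length == length */
    memcpy(out + DTLS_HS_HDR_LEN, body, body_len);
    return DTLS_HS_HDR_LEN + body_len;
}
```

The point of the model is the ordering of checks in `retrieve_buffered_fragment`: an entry is validated against its own header before its body is used, so an out-of-sequence message that reached the queue in an inconsistent state is dropped with an error rather than dereferenced. Real DTLS implementations also have to handle fragmented messages and reassembly, which this example deliberately leaves out.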
Recommendations
For versions prior to 1.0.0 Beta 2, update to version 1.0.0 Beta 2 or later.
For versions prior to 0.9.8l-r2, update to version 0.9.8l-r2 or later.
As a temporary workaround, restrict network access to the UDP ports on which DTLS services listen to trusted hosts, or disable DTLS where it is not required; the crash is triggered by handshake traffic, before any authentication takes place.
Fix
DoS
Improper Certificate Validation
NULL Pointer Dereference
Related identifiers
Affected products
Openssl
Red Hat