CVE-2014-0221 - DTLS recursion flaw

Information:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0221
http://www.openssl.org/news/secadv_20140605.txt

Description:
By sending an invalid DTLS handshake to an OpenSSL DTLS client the code
can be made to recurse eventually crashing in a DoS attack.

Only applications using OpenSSL as a DTLS client are affected.

Impact to Tanium:
None - Tanium does not utilize UDP for communication or DTLS connections between the Client and Server.

Have more questions? Submit a request