CVE-2013-2125
OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0143 (1.4%)
Percentil: 80.7%
EPSS: 2026-05-06
Afecta
openbsd:opensmtpdDescripción técnica
OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.
Publicada: 27/5/2014, 14:55:09
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://git.zx2c4.com/OpenSMTPD/commit/?id=38b26921bad5fe24ad747bf9d591330d683728b0
- http://osvdb.org/93495
- http://seclists.org/oss-sec/2013/q2/362
- http://seclists.org/oss-sec/2013/q2/366
- http://secunia.com/advisories/53353
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84388
- http://git.zx2c4.com/OpenSMTPD/commit/?id=38b26921bad5fe24ad747bf9d591330d683728b0
- http://osvdb.org/93495