The OVAL Repository5.42015-09-03T06:37:27.679-04:00The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshakeRed Hat Enterprise Linux 6CentOS Linux 6OpenSSLThe ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDopenssl1.0.1[a-e].*