The OVAL Repository5.72015-09-03T09:21:20.153-04:00The ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshakeRed Hat Enterprise Linux 6CentOS Linux 6OpenSSLThe ssl3_take_mac function in ssl/s3_both.c in OpenSSL 1.0.1 before 1.0.1f allows remote TLS servers to cause a denial of service (NULL pointer dereference and application crash) via a crafted Next Protocol Negotiation record in a TLS handshake.Maria KedovskayaDRAFTINTERIMACCEPTEDACCEPTEDopenssl1.0.1[a-e].*