OpenSSL Information for VU#386964

OpenSSL SSLv2 client code fails to properly check for NULL



Vendor Statement

No statement is currently available from the vendor regarding this vulnerability.

Vendor Information

We are not aware of further vendor information regarding this vulnerability.

Vendor References



The OpenSSL development team has published OpenSSL Security Advisory [28th September 2006] in response to this issue. Users or redistributors who compile OpenSSL from the original source code distribution are encouraged to review this advisory and upgrade to the appropriate fixed version of the software.

If you have feedback, comments, or additional information about this vulnerability, please send us email.