Full title: OpenSSL OCSP Status Request Extension Unbounded Memory Growth Vulnerability 
Category: dos / poc
Platform: linux
Multiple memory leaks in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0  before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.The exploit allows to take advantage of this vulnerability. When successfully exploited, the vulnerability causes the server to crash or slow down.

# 0day.today @ http://0day.today/