What is CVE-2013-2125?

CVE-2013-2125 is a vulnerability in Openbsd Opensmtpd, classified under Cryptographic Issues. Published 2014-05-27.

Is CVE-2013-2125 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Openbsd Opensmtpd

CVE-2013-2125

OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.

Vulnerability class: POODLE (CVE-2014-3566)

EPSS: 0.014 (81.0th percentile) — read the EPSS interpretation.

Affected products

Openbsd Opensmtpd
N/a — versions n/a

Weakness classification (CWE)

CWE-310 — Cryptographic Issues

Public proof-of-concept exploits

Farrhouq/Inpt-report

References

[oss-security] 20130518 CVE Request: DoS in OpenSMTPD TLS Support (mailing-list, x_refsource_MLIST, Exploit)
secalert@redhat.com (x_refsource_CONFIRM, Exploit, Patch)
53353 (x_refsource_SECUNIA, third-party-advisory)
opensmtpd-cve20132125-dos(84388) (vdb-entry, x_refsource_XF)
[oss-security] 20130518 Re: Re: CVE Request: DoS in OpenSMTPD TLS Support (mailing-list, x_refsource_MLIST)
93495 (x_refsource_OSVDB, vdb-entry)

Frequently asked questions

What is CVE-2013-2125?: CVE-2013-2125 is a vulnerability in Openbsd Opensmtpd, classified under Cryptographic Issues. Published 2014-05-27.
Is CVE-2013-2125 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.