OpenBSD: OpenSSL Denial of service vulnerability
Posted by LinuxSecurity.com Team   
OpenBSD Remote attacker can trigger a null-pointer dereference, crashing OpenSSL.

A missing check for a NULL-pointer dereference has been found in
the OpenSSL library.  A remote attacker can use the bug against a
server to cause the OpenSSL application to crash.  This may lead
to a denial of service.

The problem is fixed in OpenBSD-current as well as the 3.4-stable
and 3.3-stable branches.

Patches are available from:
     ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.4/common/016_openssl.patch
     ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.3/common/021_openssl.patch

For more information, see:
     http://www.openssl.org/news/secadv_20040317.txt