OpenSSL Security Advisory [18 Jan 2011]

DTLS DoS attack (CVE-2012-0050):

A flaw in the fix to CVE-2011-4108 can be exploited in a denial of service attack. Only DTLS applications using OpenSSL 1.0.0f and 0.9.8s are affected.

Thanks to Antonio Martin, Enterprise Secure Access Research and Development, Cisco Systems, Inc. for discovering this bug and preparing a fix.

Affected users should upgrade to OpenSSL 1.0.0g or 0.9.8t.

References:

URL for this Security Advisory: http://www.openssl.org/news/secadv_20120118.txt