OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-5094. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment
Published: 2012-06-16
CVSS: 5.0
CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Download Exploit for CVE-2011-1473 here:
Tip: Download official Tor Browser at https://www.torproject.org/download/ to access .onion links.
https://augustaverburg.nl/exploit-1-cve-2025-43400/
https://augustaverburg.nl/exploit-367-cve-2025-66293/
https://augustaverburg.nl/exploit-675-cve-2015-5119/
https://augustaverburg.nl/exploit-844-cve-2021-37975/