OpenSSL fixes second bug from developer who caused Heartbleed

One of the seven bugs fixed by the OpenSSL developers was introduced by the developer originally responsible for the Heartbleed vulnerability. The DTLS vulnerability allowed remote code execution.

Heise: http://www.heise.de/open/meldung/Noch-mehr-Herzbluten-bei-OpenSSL-2217286.html

Heise: http://www.heise.de/open/meldung/Sieben-auf-einen-Streich-OpenSSL-schliesst-Sicherheitsluecken-2216707.html

Just sending this single UDP packet results in the application segfaulting and causing a denial-of-service condition, but more malicious things are possible. As the length field is 3 bytes wide, it is theoretically possible to write up to 2^24 bytes of data to the process using this vulnerability. An attacker could leverage this issue to corrupt adjacent metadata, and possibly execute code in the context of the process using OpenSSL.

HP Security Research Blog: http://h30499.www3.hp.com/t5/HP-Security-Research-Blog/ZDI-14-173-CVE-2014-0195-OpenSSL-DTLS-Fragment-Out-of-Bounds/ba-p/6501002#.U6BBxXV_tIc
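An added example (not code from OpenSSL or from the HP write-up): the bounds checks a DTLS handshake fragment reassembler needs when the 3-byte length, fragment-offset and fragment-length fields quoted above are attacker-controlled. The `reasm` struct, `reasm_add`, `demo` and the 16384-byte cap are hypothetical names and values chosen here; the 12-byte header layout is the DTLS handshake header from RFC 6347.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define HS_HDR 12          /* type(1) length(3) seq(2) frag_off(3) frag_len(3) */
#define MAX_MSG 16384u     /* assumed local cap, far below 2^24 */

struct reasm { uint8_t *buf; uint32_t msg_len; };  /* hypothetical state; buf sized for msg_len */

static uint32_t rd24(const uint8_t *p) { return ((uint32_t)p[0] << 16) | ((uint32_t)p[1] << 8) | p[2]; }
static void wr24(uint8_t *p, uint32_t v) { p[0] = (uint8_t)(v >> 16); p[1] = (uint8_t)(v >> 8); p[2] = (uint8_t)v; }

/* Copy one handshake fragment into the reassembly buffer; 0 = ok, -1 = drop. */
int reasm_add(struct reasm *r, const uint8_t *pkt, size_t pkt_len) {
    if (pkt_len < HS_HDR) return -1;
    uint32_t msg_len = rd24(pkt + 1), off = rd24(pkt + 6), flen = rd24(pkt + 9);

    if (msg_len > MAX_MSG) return -1;                     /* refuse oversized claims */
    if (flen > pkt_len - HS_HDR) return -1;               /* payload is really present */
    if (off > msg_len || flen > msg_len - off) return -1; /* fits, no wraparound */

    if (r->buf == NULL) {                                 /* first fragment sizes the buffer */
        r->buf = calloc(1, msg_len ? msg_len : 1);
        if (r->buf == NULL) return -1;
        r->msg_len = msg_len;
    } else if (msg_len != r->msg_len) {                   /* later fragment disagrees on the */
        return -1;                                        /* total length: drop it */
    }
    memcpy(r->buf + off, pkt + HS_HDR, flen);
    return 0;
}

/* Constructed test input: a first fragment of a 16-byte message, then a second
 * fragment with caller-chosen header fields. Returns the second call's result. */
int demo(uint32_t msg_len, uint32_t off, uint32_t flen) {
    struct reasm r = {0};
    uint8_t pkt[HS_HDR + 64] = {1};                       /* byte 0: ClientHello type */
    if (flen > 64) return -2;                             /* keep the sample inside pkt[] */
    wr24(pkt + 1, 16); wr24(pkt + 6, 0); wr24(pkt + 9, 8);
    if (reasm_add(&r, pkt, HS_HDR + 8) != 0) return -2;
    wr24(pkt + 1, msg_len); wr24(pkt + 6, off); wr24(pkt + 9, flen);
    int rc = reasm_add(&r, pkt, HS_HDR + flen);
    free(r.buf);
    return rc;
}
```

The second fragment in `demo(4096, 16, 64)` is self-consistent (offset plus length fits inside its own claimed 4096 bytes) and is rejected only because it disagrees with the 16 bytes the buffer was allocated for, which is why the check against the stored length is needed in addition to the per-fragment one.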

MITRE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0195

OpenSSL Project: http://www.openssl.org/news/secadv_20140605.txt