Vulnerability DatabaseCVE-2013-2125
Mend.io Vulnerability Database
The largest open source vulnerability database
What is a Vulnerability ID?
New vulnerability? Tell us about it!
CVE-2013-2125
Published:May 27, 2014
Updated:May 17, 2026
OpenSMTPD before 5.3.2 does not properly handle SSL sessions, which allows remote attackers to cause a denial of service (connection blocking) by keeping a connection open.
Related Resources (6)
http://osvdb.org/93495
http://seclists.org/oss-sec/2013/q2/366
http://seclists.org/oss-sec/2013/q2/362
https://exchange.xforce.ibmcloud.com/vulnerabilities/84388
http://git.zx2c4.com/OpenSMTPD/commit/?id=38b26921bad5fe24ad747bf9d591330d683728b0
http://secunia.com/advisories/53353
Do you need more information?
Contact Us
CVSS v3
Base Score:
5.3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality
NONE
Integrity
NONE
Availability
LOW
CVSS v2
Base Score:
5
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
EPSS
Base Score:
1.43