A denial-of-service vulnerability exists in OpenSSL. The vulnerability, AKA SSL Death Alert, is due to improper handling of warning packets by the function ssl3_read_bytes(). A remote, unauthenticated attacker can exploit this vulnerability by repeatedly sending SSL Alert Warning records during the handshake. Successful exploitation will cause the excessive resource consumption on the server.