OpenSSL is vulnerable to to Denial of Service (DoS) attacks. The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g, found in the affected versions of OpenSSL, does not verify that certain memory allocations succeed, allowing a malicious user to cause a denial of service by passing a large string to the server, crashing it due to the server running out of memory.