The host is installed with OpenSSL 1.0.1 through 1.0.1t or 1.0.2 through 1.0.2h and is prone to a denial of service vulnerability. A flaw is present in tls_decrypt_ticket function, which fails to consider the HMAC size during validation of the ticket length. Successful exploitation allows remote attackers to cause a denial of service via a ticket that is too short.