OpenSSL (IBB): OCSP Status Request extension unbounded memory growth (CVE-2016-6304)

2017-03-29T01:24:57
ID H1:216840
Type hackerone
Reporter theyarestone
Modified 2017-04-12T00:58:54

Description

A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a default configuration are vulnerable even if they do not support OCSP. Builds using the "no-ocsp" build time option are not affected.