5 matches found
TLS Downgrade Attack
github.com/refraction-networking/utls is vulnerable to TLS Downgrade Attack. The vulnerability is due to missing downgrade protection caused due to failure to implement and verify the downgrade canary in TLS 1.3 handshakes when using a custom ClientHello spec, allowing an attacker to force a...
Security Advisory 2022-10-04-1 - wolfSSL buffer overflow during a TLS 1.3 handshake (CVE-2022-39173)
DESCRIPTION In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow on server during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are...
PT-2022-24791 · Wolfssl +1 · Wolfssl +1
Name of the Vulnerable Software and Affected Versions: wolfSSL versions prior to 5.5.1 Description: The issue occurs when malicious clients cause a buffer overflow during a TLS 1.3 handshake, specifically when an attacker supposedly resumes a previous TLS session. This happens when a Hello Retry...
CVE-2020-1967 Segmentation fault in SSL_check_chain
Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm i...
CVE-2020-1967
Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm i...