Vigil@nce: GnuTLS, denial of service of gnutls_handshake
August 2008 by Vigil@nce
An attacker can re-request a handshake in order to stop
applications linked with GnuTLS.
– Gravity: 2/4
– Consequences: denial of service of service
– Provenance: internet client
– Means of attack: no proof of concept, no attack
– Ability of attacker: expert (4/4)
– Confidence: confirmed by the editor (5/5)
– Diffusion of the vulnerable configuration: high (3/3)
– Creation date: 27/08/2008
– Identifier: VIGILANCE-VUL-8061
IMPACTED PRODUCTS
- Unix - plateform
DESCRIPTION
The GnuTLS library implements the SSL/TLS protocol (alternative to
OpenSSL).
The gnutls_handshake() function does the handshake of the TLS/SSL
protocol and initializes the TLS connection.
When this function is called twice, for example if the attacker
re-request a handshake, the gcry_md_write() function uses a
pointer indicating a freed memory area. This error leads to a
segmentation error.
An attacker can therefore re-request a handshake in order to stop
applications linked with GnuTLS.
CHARACTERISTICS
– Identifiers: CVE-2008-2377, GNUTLS-SA-2008-2, VIGILANCE-VUL-8061
– Url: https://vigilance.aql.fr/tree/1/8061