Vigil@nce - TLS, OpenSSL: overload via renegotiation
July 2011 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A malicious client can request several renegotiations to a SSL/TLS
server, in order to overload it.
Severity: 2/4
Creation date: 08/07/2011
IMPACTED PRODUCTS
– Apache httpd
– OpenSSL
DESCRIPTION OF THE VULNERABILITY
When opening a connection using TLS, a negotiation mechanism
allows the client and server to agree on the encryption algorithm
to use. The protocol allows for renegotiation at any time during
the connection (for example if the client uses a certificate).
However, the renegotiation is a complex algorithm, which requires
more resources on the server than on the client.
A malicious client can therefore request several renegotiations to
a SSL/TLS server, in order to overload it.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/TLS-OpenSSL-overload-via-renegotiation-10823