Vigil@nce - OpenSSL: memory leak via Session Ticket
October 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use a malicious Session Ticket, to create a memory
leak in OpenSSL, in order to trigger a denial of service.
Impacted products: StormShield, Debian, BIG-IP Appliance, FreeBSD,
HP-UX, AIX, MBS, McAfee Email and Web Security, McAfee Email
Gateway, ePO, McAfee Next Generation Firewall, VirusScan, McAfee
Web Gateway, OpenBSD, OpenSSL, openSUSE, Solaris, RHEL, Slackware,
stunnel, Ubuntu
Severity: 2/4
Creation date: 15/10/2014
DESCRIPTION OF THE VULNERABILITY
The OpenSSL product implements a SSL/TLS/DTLS client/server.
When the server receives a session ticket, it checks its
integrity. However, if this ticket is invalid, the memory
allocated for its processing is never freed.
An attacker can therefore use a malicious Session Ticket, to
create a memory leak in OpenSSL, in order to trigger a denial of
service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/OpenSSL-memory-leak-via-Session-Ticket-15490