OpenSSL(CVE-2016-6304)

漏洞发布时间:22-9-2016

Alt text

OCSP状态请求扩展跨内存边界增长(CVE-2016-6304)

安全等级: 高危
恶意的客户端可以发送过大的OCSP状态请求延期。如果该客户端不断请求重新谈判,发送一个大的 OCSP 状态请求每延长一次,那么
就会有无限的内存增长在服务器上。这最终将导致通过内存耗尽的拒绝服务攻击。这种攻击在使用默认配置的服务器上很容易执行,
即使他们不支持 OCSP。建立使用”无 ocsp”生成时间选项不会受到影响。

Servers using OpenSSL versions prior to 1.0.1g are not vulnerable in a default configuration, instead only if an application explicitly enables OCSP stapling support.

OpenSSL 1.1.0 应该升级到 1.1.0a
OpenSSL 1.0.2 应该升级到 1.0.2i
OpenSSL 1.0.1 应该升级到 1.0.1u

SSL_peek() hang on empty record (CVE-2016-6305)

===============================================
Severity: Moderate
OpenSSL 1.1.0 SSL/TLS will hang during a call to SSL_peek() if the peer sends an
empty record. This could be exploited by a malicious peer in a Denial Of Service
attack.
OpenSSL 1.1.0 users should upgrade to 1.1.0a
This issue was reported to OpenSSL on 10th September 2016 by Alex Gaynor. The
fix was developed by Matt Caswell of the OpenSSL development team.

摘录:

more infoclick1
more infoclick2
more infoclick3

-------------本文结束感谢浏览-------------