![]() In a TLS server, this can be triggered if the server requests client authentication and a malicious client connects. In a TLS client, this can be triggered by connecting to a malicious server. On November 1st, 2022, OpenSSL disclosed two high severity vulnerabilities impacting OpenSSL versions above 3.0. This buffer overflow could result in a crash (causing a denial of service). An attacker can craft a malicious email address in a certificate to overflow an arbitrary number of bytes containing the '.' character (decimal 46) on the stack. A buffer overflow occurs when a program attempts to access (read or write) an address in memory that is beyond the range of an allocated buffer. ![]() Note that this occurs after certificate chain signature verification and requires either a CA to have signed a malicious certificate or for an application to continue certificate verification despite failure to construct a path to a trusted issuer. The 2022 OpenSSL vulnerabilities (CVE-2022-3602 and CVE-2022-3786) both fall into the category of buffer overflow. Security Bulletin SB10390 is also now available.Ī buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Additional information can be found in this Trellix blog post. ![]() More information about this can be found in the corresponding OpenSSL blog post. CVE-2022-3602 was originally assessed by the OpenSSL project as CRITICAL, but was later reduced to HIGH severity. On 1 November 2022, OpenSSL released an advisory about CVE-2022-3786 (“X.509 Email Address Variable Length Buffer Overflow”) and CVE-2022-3602 (“X.509 Email Address 4-byte Buffer Overflow”). To receive email notification when this article is updated, click Subscribe on the right side of the page.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |