Remote buffer overflow vulnerability in SharkSSL TLS handshake processing
2024-12-19 00:0:0 Author: github.security.telekom.com(查看原文) 阅读量:0 收藏

A new remote buffer overflow vulnerability was discovered in the latest version of the SharkSSL library from 05.05.2024 (https://github.com/RealTimeLogic/SharkSSL) by security evaluators of Deutsche Telekom Security GmbH and Deutsche Telekom AG with modern fuzzing methods. The vulnerability allows an attacker to read large regions of the SharkSSL TLS server’s memory. This is likely to result in a segmentation fault and can be used for a remote Denial-of-Service attack by an attacker. Special thanks to Robert Hörr for his support, supervision and guidance during this research.

View the full advisory


文章来源: https://github.security.telekom.com/2024/12/sharkssl.html
如有侵权请联系:admin#unsafe.sh