CVE-2019-10013

Description

The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in the TLS certificate handshake message, because the result of get_asn1_length() is not checked for a minimum or maximum size.

POC

Reference

- http://packetstormsecurity.com/files/155500/axTLS-2.1.5-Denial-Of-Service.html

- https://www.telekom.com/en/corporate-responsibility/data-protection-data-security/security/details/advisories-504842

Github

No PoCs found on GitHub currently.