[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FD] New OpenSSL double-free and invalid free vulnerabilities in X509 parsing

To: fulldisclosure@xxxxxxxxxxxx
Subject: [FD] New OpenSSL double-free and invalid free vulnerabilities in X509 parsing
From: Guido Vranken <guidovranken@xxxxxxxxx>
Date: Tue, 11 Oct 2016 19:18:00 +0200

These vulnerabilities were found in the latest OpenSSL (1.1.0b).
Triggering these vulnerabilities is not trivial -- they rely on memory
shortages (malloc/realloc failures) or failing to acquire a thread
lock while the X509 data is being parsed. Possibly exploitation can be
achieved by exploiting a memory leak/accumulation (such as the
recently discovered CVE-2016-6304). Proof of concepts and more
extensive commentary at the link below.

https://github.com/guidovranken/openssl-x509-vulnerabilities

_______________________________________________
Sent through the Full Disclosure mailing list
https://nmap.org/mailman/listinfo/fulldisclosure
Web Archives & RSS: http://seclists.org/fulldisclosure/

Prev by Date: [FD] [SYSS-2016-075] Targus Multimedia Presentation Remote - Insufficient Verification of Data Authenticity (CWE-345), Mouse Spoofing Attack
Next by Date: [FD] CVE-2016-8600 dotCMS - CAPTCHA bypass by reusing valid code
Previous by thread: [FD] [SYSS-2016-075] Targus Multimedia Presentation Remote - Insufficient Verification of Data Authenticity (CWE-345), Mouse Spoofing Attack
Next by thread: [FD] CVE-2016-8600 dotCMS - CAPTCHA bypass by reusing valid code
Index(es):
- Date
- Thread