Uncovered Vulnerabilities
Juraj Somorovsky edited this page Oct 19, 2016 · 5 revisions
Most of the findings are summarized in our ACM CCS'16 paper *Systematic Fuzzing and Testing of TLS Libraries*.
- OpenSSL padding oracle in AES-NI CBC MAC check: CVE-2016-2107, see also Curious Padding oracle in OpenSSL or Yet Another Padding Oracle in OpenSSL CBC Ciphersuites
- Botan 1.11.21: CVE-2015-7824
- MatrixSSL 3.8.2 padding oracle / access violation, see Access Violation on Malicious TLS Record
- MatrixSSL 3.8.2 Bleichenbacher attack, see Side Channel Vulnerability on RSA Cipher Suites
- OpenSSL-1.1.0-pre1, stack overflow vulnerability triggered by sending an overlong DH parameter in the DHClientKeyExchange message (fixed by the OpenSSL team in OpenSSL-1.1.0-pre2, after a parallel report)
- Botan 1.11.28, out-of-bounds read (not exploitable) triggered by sending empty TLS records, see Botan Version 1.11.29
- GnuTLS 3.4.9 (not reported, sorry, my fault, but still fixed in the recent versions)
- OpenSSL 1.0.1, see ClientHello messages with invalid Extension lengths