
Vulnerability
SSL certificates are data files that bind a cryptographic key. Some servers run vulnerable versions of OpenSSL, which can expose them to an OCSP stapling vulnerability. These old versions of OpenSSL allow remote attackers to cause a denial of service, and possibly to obtain sensitive information from a web application. The attack uses a malformed ClientHello handshake message, which triggers an out-of-bounds memory access.
Impact
The impact includes:
- Denial of service
- OCSP Stapling
Mitigation / Precaution
This vulnerability can be fixed by:
- Updating OpenSSL to the latest version
- Upgrading the version
- If that is not immediately possible, patching the source code for OCSP stapling
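To show the kind of length check whose absence leads to an out-of-bounds read when parsing a ClientHello, here is an added example (not OpenSSL's code or its patch, and not from this page) of a bounds-checked parser for the extension a client sends to request a stapled OCSP response. It assumes the `status_request` layout from RFC 6066, which the page does not name; the function names and sample bytes are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>

/* Cursor over untrusted bytes: every read is checked against `left`. */
struct cursor { const uint8_t *p; size_t left; };

static int get_u16(struct cursor *c, size_t *out) {
    if (c->left < 2) return -1;
    *out = ((size_t)c->p[0] << 8) | c->p[1];
    c->p += 2; c->left -= 2;
    return 0;
}

/* Carve out n bytes as a sub-cursor; fail if the parent is shorter than n. */
static int get_sub(struct cursor *c, size_t n, struct cursor *sub) {
    if (c->left < n) return -1;
    sub->p = c->p; sub->left = n;
    c->p += n; c->left -= n;
    return 0;
}

/* Returns the number of ResponderIDs, or -1 if the extension is malformed. */
int parse_status_request(const uint8_t *buf, size_t len) {
    struct cursor c = { buf, len }, ids, id, exts;
    size_t n;
    int count = 0;

    if (c.left < 1 || c.p[0] != 1) return -1;       /* status_type: 1 = ocsp */
    c.p++; c.left--;
    if (get_u16(&c, &n) || get_sub(&c, n, &ids)) return -1;  /* responder_id_list */
    while (ids.left > 0) {                           /* each ResponderID is 1..65535 bytes */
        if (get_u16(&ids, &n) || n == 0 || get_sub(&ids, n, &id)) return -1;
        count++;
    }
    if (get_u16(&c, &n) || get_sub(&c, n, &exts)) return -1; /* request_extensions */
    return c.left == 0 ? count : -1;                 /* reject trailing bytes */
}

/* Constructed sample inputs (not captured traffic). */
const uint8_t ext_ok[]    = { 1, 0,5, 0,3, 0xAA,0xBB,0xCC, 0,0 };
const uint8_t ext_inner[] = { 1, 0,5, 0,0x40, 0xAA,0xBB,0xCC, 0,0 }; /* id claims 64 bytes */
const uint8_t ext_outer[] = { 1, 0xFF,0xFF, 0 };                     /* list claims 65535 */
const uint8_t ext_empty[] = { 1, 0,0, 0,0 };

int main(void) {
    return parse_status_request(ext_ok, sizeof ext_ok) == 1 &&
           parse_status_request(ext_inner, sizeof ext_inner) == -1 &&
           parse_status_request(ext_outer, sizeof ext_outer) == -1 ? 0 : 1;
}
```

A parser that trusted the embedded length fields instead of comparing them with the bytes actually received would read past the end of the message on the second and third inputs.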





