SSL: OpenSSL SSL_check_chain NULL Pointer Dereference

This signature detects attempts to exploit a known vulnerability against OpenSSL. A successful attack can result in a denial-of-service condition.

Extended Description

Server or client applications that call the SSL_check_chain() function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference caused by incorrect handling of the "signature_algorithms_cert" TLS extension. The crash occurs if an invalid or unrecognised signature algorithm is received from the peer, so a malicious peer can trigger it as a Denial of Service attack. OpenSSL versions 1.1.1d, 1.1.1e and 1.1.1f are affected by this issue; versions prior to 1.1.1d are not affected. Fixed in OpenSSL 1.1.1g (affected: 1.1.1d-1.1.1f).

Affected Products

Tenable log_correlation_engine

References

CVE: CVE-2020-1967

Short Name
SSL:OPENSSL-CHK-CHAIN-NPTR-DOS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
SSL
Keywords
CVE-2020-1967 Dereference NULL OpenSSL Pointer SSL_check_chain
Release Date
09/16/2020
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors
Broadcom
Jdedwards
Fedoraproject
Openssl
Opensuse
Freebsd
Oracle
Netapp
Debian
Tenable
CVSS Score
5.0