SSL: OpenSSL DTLS Retransmission Denial of Service

This signature detects attempts to exploit a known vulnerability in the OpenSSL DTLS implementation. A successful attack can result in a denial-of-service condition.

Extended Description

The DTLS retransmission implementation in OpenSSL 1.0.0 before 1.0.0l and 1.0.1 before 1.0.1f does not properly maintain data structures for digest and encryption contexts, which might allow man-in-the-middle attackers to trigger the use of a different context and cause a denial of service (application crash) by interfering with packet delivery, related to ssl/d1_both.c and ssl/t1_enc.c.

Affected Products

Openssl openssl

References

CVE: CVE-2013-6450

Short Name: SSL:OPENSSL-DTLS-DOS
Severity: Major
Recommended: False
Recommended Action: Drop
Category: SSL
Keywords: CVE-2013-6450 DTLS Denial OpenSSL Retransmission Service of
Release Date: 02/26/2014
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version: 3650
Port: UDP/4433
False Positive: Unknown
Vendors

Openssl

CVSS Score

5.8
