SSL: OpenSSL Elliptic Polynomial Denial-Of-Service
This signature detects attempts to exploit a known vulnerability against OpenSSL. A successful attack can result in a denial-of-service condition.
Extended Description
The BN_GF2m_mod_inv function in crypto/bn/bn_gf2m.c in OpenSSL before 0.9.8s, 1.0.0 before 1.0.0e, 1.0.1 before 1.0.1n, and 1.0.2 before 1.0.2b does not properly handle ECParameters structures in which the curve is over a malformed binary polynomial field, which allows remote attackers to cause a denial of service (infinite loop) via a session that uses an Elliptic Curve algorithm, as demonstrated by an attack against a server that supports client authentication.
Affected Products
Openssl openssl
Short Name
SSL:OVERFLOW:ELLIPTIC-POLY-DOS
Severity
Major
Recommended
True
Recommended Action
Drop
Category
SSL
Keywords
CVE-2015-1788 Denial-Of-Service Elliptic OpenSSL Polynomial
Release Date
08/27/2015
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3337
False Positive
Unknown
Vendors
Openssl
CVSS Score
4.3