Contador nichichanilimonada

sábado, 27 de enero de 2024

TLS V1.2 Sigalgs Remote Crash (CVE-2015-0291)


OpenSSL 1.0.2a fix several security issues, one of them let crash TLSv1.2 based services remotelly from internet.


Regarding to the TLSv1.2 RFC,  this version of TLS provides a "signature_algorithms" extension for the client_hello. 

Data Structures
If a bad signature is sent after the renegotiation, the structure will be corrupted, becouse structure pointer:
s->c->shared_sigalgs will be NULL, and the number of algorithms:
s->c->shared_sigalgslen will not be zeroed.
Which will be interpreted as one algorithm to process, but the pointer points to 0x00 address. 


Then tls1_process_sigalgs() will try to process one signature algorithm (becouse of shared_sigalgslen=1) then sigptr will be pointer to c->shared_sigalgs (NULL) and then will try to derreference sigptr->rhash. 


This mean a Segmentation Fault in  tls1_process_sigalgs() function, and called by tls1_set_server_sigalgs() with is called from ssl3_client_hello() as the stack trace shows.




StackTrace

The following code, points sigptr to null and try to read sigptr->rsign, which is assembled as movzbl eax,  byte ptr [0x0+R12] note in register window that R12 is 0x00

Debugger in the crash point.


radare2 static decompiled


The patch fix the vulnerability zeroing the sigalgslen.
Get  David A. Ramos' proof of concept exploit here





Related word


  1. Tools For Hacker
  2. Nsa Hack Tools Download
  3. Hack And Tools
  4. Beginner Hacker Tools
  5. Hacking Tools Free Download
  6. Hack App
  7. Tools For Hacker
  8. Hacker Tools Free
  9. Hack Tools For Pc
  10. How To Make Hacking Tools
  11. Growth Hacker Tools
  12. Hacking Tools Mac
  13. Computer Hacker
  14. Hacker Tools Hardware
  15. Hacker Tools Hardware
  16. Android Hack Tools Github
  17. Hacker Tools Github
  18. Pentest Tools Kali Linux
  19. Hack Tool Apk No Root
  20. Pentest Tools Framework
  21. How To Hack
  22. Wifi Hacker Tools For Windows
  23. Hacker Tools For Mac
  24. How To Install Pentest Tools In Ubuntu
  25. Hacking Tools Pc
  26. Hacker Tools Github
  27. Pentest Tools Find Subdomains
  28. Pentest Tools For Android
  29. Hacking Apps
  30. Termux Hacking Tools 2019
  31. Hacker Tools 2019
  32. Hacking Tools Online
  33. Hak5 Tools
  34. Hacking Tools For Windows
  35. Hacker Hardware Tools
  36. Nsa Hacker Tools
  37. What Are Hacking Tools
  38. Hack Tools For Games
  39. How To Make Hacking Tools
  40. Underground Hacker Sites
  41. Pentest Tools Review
  42. Underground Hacker Sites
  43. Bluetooth Hacking Tools Kali
  44. Hack Tools For Windows
  45. Hacking Tools Hardware
  46. Growth Hacker Tools
  47. Blackhat Hacker Tools
  48. Hacker Tools For Pc
  49. Pentest Tools Nmap
  50. Hacker Security Tools
  51. Hacking Tools For Windows 7
  52. Pentest Tools Github
  53. Physical Pentest Tools
  54. Pentest Tools Free
  55. Hacking Tools And Software
  56. Hack Rom Tools
  57. Blackhat Hacker Tools
  58. How To Install Pentest Tools In Ubuntu
  59. Hacking Tools Free Download
  60. Hacker Security Tools
  61. Bluetooth Hacking Tools Kali
  62. Game Hacking
  63. Hacking Tools For Games
  64. Kik Hack Tools
  65. Pentest Tools Port Scanner
  66. Usb Pentest Tools
  67. Hack Tools Download
  68. Hacking App
  69. Hacking Tools Windows
  70. Hacking App
  71. Pentest Tools Nmap
  72. Hacker Tools For Mac
  73. Tools For Hacker
  74. Hacking Apps
  75. Top Pentest Tools
  76. Pentest Tools List
  77. Underground Hacker Sites
  78. Easy Hack Tools
  79. Blackhat Hacker Tools
  80. Pentest Tools Alternative
  81. Free Pentest Tools For Windows
  82. Ethical Hacker Tools
  83. Pentest Tools Find Subdomains
  84. Hack Tools 2019
  85. Underground Hacker Sites
  86. How To Install Pentest Tools In Ubuntu
  87. Hack Tool Apk No Root
  88. New Hack Tools
  89. Hack Tools For Windows
  90. Usb Pentest Tools
  91. Top Pentest Tools
  92. Pentest Tools Port Scanner
  93. How To Make Hacking Tools
  94. Tools For Hacker
  95. Hacking Tools Online
  96. Pentest Box Tools Download
  97. Hacker Tools Mac
  98. Best Hacking Tools 2019
  99. Game Hacking
  100. Hack Tools 2019
  101. How To Make Hacking Tools
  102. Tools Used For Hacking
  103. Hacking Tools 2019
  104. Free Pentest Tools For Windows
  105. Pentest Tools Url Fuzzer
  106. Underground Hacker Sites
  107. Top Pentest Tools
  108. Pentest Tools Subdomain
  109. Pentest Tools Open Source
  110. Hacker Tools Hardware
  111. Pentest Tools Free
  112. Hack App
  113. Hacking Tools For Kali Linux
  114. Easy Hack Tools
  115. Pentest Tools For Mac
  116. Hacker Tools For Windows
  117. Pentest Tools For Mac
  118. Hacking Tools And Software
  119. Hack Tools 2019
  120. Hacker Tools 2020
  121. Top Pentest Tools
  122. Hacking Tools Windows 10
  123. Hacker Tools 2020
  124. Pentest Tools Website
  125. Tools 4 Hack
  126. Pentest Tools Tcp Port Scanner
  127. Hacker Tool Kit
  128. Pentest Tools Android
  129. New Hacker Tools
  130. Nsa Hacker Tools
  131. Termux Hacking Tools 2019
  132. Pentest Tools For Ubuntu
  133. How To Install Pentest Tools In Ubuntu
  134. Android Hack Tools Github
  135. Hackrf Tools
  136. Pentest Tools Download
  137. Hack And Tools
  138. Pentest Tools Download
  139. Hacker
  140. Pentest Tools Bluekeep
  141. Pentest Automation Tools
  142. Blackhat Hacker Tools
  143. Hacker Tools Online
  144. Pentest Recon Tools
  145. Hack Tools Pc
  146. Pentest Tools Framework
  147. Computer Hacker
  148. Hacker Tools Linux
  149. Hack Tools For Windows
  150. Hack Tools
  151. Hack Tools For Windows
  152. Pentest Tools Online
  153. Hack Rom Tools
  154. Hacker Techniques Tools And Incident Handling
  155. Install Pentest Tools Ubuntu
  156. Hacking Tools Usb
  157. Hacker Tools Mac
  158. Blackhat Hacker Tools
  159. Hack Tools 2019
  160. Android Hack Tools Github
  161. Hack Tools Github
  162. Free Pentest Tools For Windows
  163. Hacks And Tools
Publicado por en

No hay comentarios:

Publicar un comentario

Suscribirse a: Enviar comentarios (Atom)