Vigil@nce - OpenSSL: memory leak via SRTP
October 2014 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can create a memory leak in OpenSSL compiled by
default with SRTP, in order to trigger a denial of service.
Impacted products: Debian, BIG-IP Appliance, FreeBSD, AIX, McAfee
Email and Web Security, McAfee Email Gateway, ePO, McAfee Next
Generation Firewall, VirusScan, McAfee Web Gateway, OpenBSD,
OpenSSL, openSUSE, Solaris, RHEL, Slackware, stunnel, Ubuntu
Severity: 2/4
Creation date: 15/10/2014
DESCRIPTION OF THE VULNERABILITY
The OpenSSL library supports the SRTP extension, which is enabled
by default (except if OPENSSL_NO_SRTP is used).
However, when the OpenSSL server receives a special Handshake
message (even if SRTP is not used), an allocated memory area of
64kb is never freed.
An attacker can therefore create a memory leak in OpenSSL compiled
by default with SRTP, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/OpenSSL-memory-leak-via-SRTP-15489