Vigil@nce - OpenSSL: denial of service via the "Encrypt-Then-Mac" option
April 2017 by Vigil@nce
This bulletin was written by Vigil@nce : https://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can change the state of the "Encrypt-Then-Mac" TLS
option in a renegotiation with a server or client based on
OpenSSL, in order to trigger a denial of service.
– Impacted products: Cisco ASR, Cisco ATA, AsyncOS, Cisco Catalyst,
Cisco Content SMA, Cisco ESA, IOS by Cisco, IOS XE Cisco, IOS XR
Cisco, Nexus by Cisco, NX-OS, Cisco Prime Access Registrar, Prime
Collaboration Assurance, Cisco Prime DCNM, Prime Infrastructure,
Cisco Router, Cisco CUCM, Cisco Manager Attendant Console, Cisco
MeetingPlace, Cisco Wireless IP Phone, Cisco WSA, Cisco Wireless
Controller, HP Operations, OpenSSL.
– Severity: 2/4.
– Creation date: 16/02/2017.
DESCRIPTION OF THE VULNERABILITY
OpenSSL implements the possibility of renegotiation of TLS option
and parameters during a session.
However, for some combinations of algorithms, the negation of the
state of the option "Encrypt-Then-Mac" generates a fatal error.
An attacker can therefore change the state of the
"Encrypt-Then-Mac" TLS option in a renegotiation with a server or
client based on OpenSSL, in order to trigger a denial of service.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/OpenSSL-denial-of-service-via-the-Encrypt-Then-Mac-option-21871