OpenSSL.X509.Punycode.Buffer.Overflow
Description
This indicates an attack attempt to exploit a Buffer Overflow Vulnerability in OpenSSL Project OpenSSL.
The vulnerability is due to improper validation when handling punycode encoding. A remote attacker could exploit the vulnerability by sending a crafted certificate. Successful exploitation could result in a denial of service condition or remote code execution on the affected system.
Outbreak Alert
An attacker can craft a malicious email address to overflow four attacker-controlled bytes on the stack in X.509 certificate verification, specifically, in name constraint checking. This buffer overflow could result in a crash which can cause a denial of service or potentially a remote code execution.
Affected Products
OpenSSL Project OpenSSL 3.0.0
OpenSSL Project OpenSSL 3.0.1
OpenSSL Project OpenSSL 3.0.2
OpenSSL Project OpenSSL 3.0.3
OpenSSL Project OpenSSL 3.0.4
OpenSSL Project OpenSSL 3.0.5
OpenSSL Project OpenSSL 3.0.6
OpenSSL Project OpenSSL prior to 3.0.7
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.openssl.org/news/secadv/20221101.txt
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2023-10-24 | 25.663 | Sig Added |
2022-11-15 | 22.440 | Sig Added |
2022-11-04 | 22.432 |