CVE-2011-1473
Published 2012-06-16
Priority P3 · 39 · medium · 5 (CVSS 2.0)
AV:N/AC:L/Au:N/C:N/I:N/A:P
EPSS: 67.70% (99.2th percentile)
OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-5094. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment
Affected
35 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| mozilla | network_security_services | — | — |
| openssl | openssl | <= 0.9.8k | — |
| openssl | openssl | — | — |
Detection & IOCs
extracted from sources
- CVE-2011-1473 affects OpenSSL before 0.9.8l, and versions 0.9.8m through 1.x; client-initiated SSL/TLS renegotiation is not restricted, enabling CPU exhaustion DoS by performing many renegotiations within a single connection
- For NSS-based servers, the SSL_ENABLE_RENEGOTIATION option can be set to SSL_RENEGOTIATE_NEVER to detect/block renegotiation abuse; the NSS_SSL_ENABLE_RENEGOTIATION environment variable set to 0 or 'n' can also enforce this without application changes
- For httpd/mod_ssl deployments, client-initiated renegotiations were already rejected as a mitigation backported to RHEL packages; verify mod_ssl configuration rejects client-initiated renegotiations as a detection/prevention control
- The CVE is marked DISPUTED; it can be argued that preventing renegotiation abuse is the responsibility of server deployments rather than the SSL/TLS library itself
- Red Hat marked all affected OpenSSL packages (RHEL 4, 5, 6) as 'Will not fix', meaning no vendor patch is available; detection and mitigation must rely on configuration controls
- OpenSSL 0.9.8l disabled renegotiation as a temporary fix for CVE-2009-3555, not specifically for this DoS; renegotiation was re-enabled in 0.9.8m with RFC5746 support, which the original reporter considered insufficient for this DoS vector
CVSS provenance
nvd · v2.0 · 5.0 MEDIUM · AV:N/AC:L/Au:N/C:N/I:N/A:P
vendor_redhat · 5.0 MEDIUM
GHSA
ghsa_unreviewed·2022-05-17·CVSS 5.0
CVE-2011-5094 [MEDIUM] GHSA-m896-wg3p-7ffv: ** DISPUTED ** Mozilla Network Security Services (NSS) 3
** DISPUTED ** Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-1473. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment.
GHSA
ghsa_unreviewed·2022-05-13·CVSS 4.3
CVE-2011-1473 [MEDIUM] GHSA-5wj2-7gqw-v6cm: ** DISPUTED ** OpenSSL before 0
** DISPUTED ** OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-5094. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment.
Red Hat
vendor_redhat·2011-03-13·CVSS 5.0
CVE-2011-5094 [MEDIUM] nss: DoS via repeated SSL session renegotiations
Mozilla Network Security Services (NSS) 3.x, with certain settings of the SSL_ENABLE_RENEGOTIATION option, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-1473. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment
Package: nss (Red Hat Enterprise Linux 4) - Will not fix
Package: nss (Red Hat Enterprise Linux 5) - Will not fix
Package: nss (Red Hat Enterprise Linu
Red Hat
vendor_redhat·2011-03-13·CVSS 5.0
CVE-2011-1473 [MEDIUM] openssl: DoS via repeated SSL session renegotiations
OpenSSL before 0.9.8l, and 0.9.8m through 1.x, does not properly restrict client-initiated renegotiation within the SSL and TLS protocols, which might make it easier for remote attackers to cause a denial of service (CPU consumption) by performing many renegotiations within a single connection, a different vulnerability than CVE-2011-5094. NOTE: it can also be argued that it is the responsibility of server deployments, not a security library, to prevent or limit renegotiation when it is inappropriate within a specific environment
Package: openssl (Red Hat Enterprise Linux 4) - Will not fix
Package: openssl096b (Red Hat Enterprise Linux 4) - Will not fix
Package: openssl (Red Hat Enterprise Linux 5) - Will not fix
Package: openssl097
No detection rules found.
No public exploits indexed.
Bugzilla
Mozilla NSS TLS 1.3 CCS Flood remote DoS Attack
bugzilla·2020-05-28
Created attachment 9152323
PoC
User Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Steps to reproduce:
Step 1. Checkout the latest version of NSS code and build it. Revision ID: 661e3e3f6ba515a36fc97038164979a216c9f87b
Step 2. Run ssl_gtests.sh test to create the data selfserv tool needed.
```shell
HOST=localhost DOMSUF=localdomain USE_64=1 ./nss/tests/ssl_gtests/ssl_gtests.sh
```
Step 3. Run selfserv in TLS 1.3 mode.
```shell
NSS_DIR="$(pwd)/dist/$(cat dist/latest)"
LD_LIBRARY_PATH="$NSS_DIR/lib" "$NSS_DIR/bin/selfserv" -n rsa -p 4433 -d ~/nss-dev/tests_results/security/localhost.1/ssl_gtests/ -v -V tls1.3:tls1.3
```
Step 4. Config environment for PoC (
Bugzilla
bugzilla·2012-06-18·CVSS 5.0
CVE-2011-5094 [MEDIUM] nss: DoS via repeated SSL session renegotiations
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-5094
Assigned: 20120616
Reference: URL: http://www.openwall.com/lists/oss-security/2011/07/08/2
Reference: URL: http://www.ietf.org/mail-archive/web/tls/current/msg07564.html
Reference: URL: http://www.ietf.org/mail-archive/web/tls/current/msg07567.html
Reference: URL: http://www.ietf.org/mail-archive/web/tls/current/msg07553.html
Reference: URL: http://www.ietf.org/mail-archive/web/tls/current/msg07576.html
Reference: URL: http://www.ietf.org/mail-archive/web/tls/current/msg07577.html
Reference: MISC: http://orchilles.com/2011/03/ssl-renegotiation-dos.html
Reference: MISC: http://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation.html
Reference: MISC: http://www.educa
Bugzilla
bugzilla·2011-05-23·CVSS 5.0
CVE-2011-1473 [MEDIUM] openssl: DoS via repeated SSL session renegotiations
It was reported [1] that a flaw exists in how OpenSSL handles SSL renegotiation. Because of the processing power required to handle an SSL/TLS handshake, with renegotiation enabled, a user can send multiple handshakes per second due to the renegotiation request being permitted. This could allow a malicious user to send multiple renegotiation requests and exhaust server resources.
Note that this is not the only way to cause a denial of service on an SSL-enabled service; there are many other ways to accomplish the same thing, this just makes it easier.
What makes this bug even more confusing is that this report is recent, with a 2011 CVE, however the recommended fix in the report is to upgrade to OpenSSL 0.9.8l, which is w