Intrusion Prevention

OpenSSL.Server.Name.Extension.DoS

Description

This indicates an attempt to exploit a memory access vulnerability in the OpenSSL server.
The OpenSSL server on a vulnerable system does not properly validate the server name extension received in the 'Hello' packet from a client. A remote attacker could send a specially crafted 'Hello' packet, which contains \x00 as the server name extension, to the OpenSSL server on a vulnerable system. This causes a memory access error in the OpenSSL server, leading to a crash and a denial of service.
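The following is an added illustration, not code from this signature page or from OpenSSL: a bounds-checked parser for the server_name extension body (the RFC 6066 layout of server_name_list length, name_type, host_name length and host_name) of the kind an inspection engine would use to flag the malformed shape described above. The sample payloads are constructed here; the hypothetical helper names (parse_server_name_extension, is_malformed_sni) are not from the page.

```python
import struct
from typing import List

# Constructed sample extension_data payloads following the RFC 6066 layout:
#   server_name_list length (2) | name_type (1) | host_name length (2) | host_name
def _build_sni(host: bytes) -> bytes:
    entry = bytes([0]) + struct.pack("!H", len(host)) + host   # name_type 0 = host_name
    return struct.pack("!H", len(entry)) + entry

VALID_SNI = _build_sni(b"example.com")   # well-formed: one host_name entry
EMPTY_NAME_SNI = _build_sni(b"")         # zero-length host_name, the malformed case
ZERO_LENGTH_EXT = b""                    # extension present but carrying no data


class MalformedSNI(ValueError):
    """Raised when the server_name extension violates its declared lengths."""


def parse_server_name_extension(data: bytes) -> List[str]:
    """Parse the extension_data of a TLS server_name extension.

    Every length field is checked against the bytes actually present before it is
    used, and an empty host_name is rejected (RFC 6066 requires 1..65535 bytes),
    so a zero-length name never reaches code that assumes a non-empty buffer.
    """
    if len(data) < 2:
        raise MalformedSNI("truncated server_name_list length")
    (list_len,) = struct.unpack("!H", data[:2])
    if list_len == 0:
        raise MalformedSNI("empty server_name_list")
    if 2 + list_len != len(data):
        raise MalformedSNI("server_name_list length does not match extension length")

    pos, end = 2, 2 + list_len
    names: List[str] = []
    while pos < end:
        if end - pos < 3:
            raise MalformedSNI("truncated ServerName entry header")
        name_type = data[pos]
        (name_len,) = struct.unpack("!H", data[pos + 1:pos + 3])
        pos += 3
        if name_len == 0:
            raise MalformedSNI("zero-length host_name")
        if pos + name_len > end:
            raise MalformedSNI("host_name length exceeds extension data")
        raw_name = data[pos:pos + name_len]
        pos += name_len
        if name_type != 0:
            continue  # unknown name types are skipped, as RFC 6066 directs
        try:
            names.append(raw_name.decode("ascii"))
        except UnicodeDecodeError:
            raise MalformedSNI("host_name is not ASCII")
    return names


def is_malformed_sni(data: bytes) -> bool:
    """True when the extension body should be rejected rather than processed."""
    try:
        parse_server_name_extension(data)
    except MalformedSNI:
        return True
    return False


if __name__ == "__main__":
    for label, payload in [("valid", VALID_SNI), ("empty name", EMPTY_NAME_SNI),
                           ("zero-length extension", ZERO_LENGTH_EXT)]:
        print(label, "->", "malformed" if is_malformed_sni(payload) else "ok")
```

The parser only accepts an entry once its declared length fits inside the remaining bytes, which is the check whose absence the description above attributes to the vulnerable versions.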

Affected Products

OpenSSL versions 0.9.8f and 0.9.8g.

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

Recommended Actions

Update to OpenSSL version 0.9.8h.

CVE References

CVE-2008-0891