REDHAT-BUG-707065
First published: Mon May 23 2011(Updated: )
It was reported [1] that a flaw exists in how openSSL handles SSL renegotiation. Because of the processing power required to handle an SSL/TLS handshake, with renegotiation enabled, a user can send multiple handshakes per second due to the renegotiation request being permitted. This could allow a malicious user to send multiple renegotiation requests and exhaust server resources. Note that this is not the only way to cause a denial of service on an SSL-enabled service; there are many other ways to accomplish the same thing, this just makes it easier. What makes this bug even more confusing is that this report is recent, with a 2011 CVE, however the recommended fix in the report is to upgrade to OpenSSL 0.9.8l, which is what disabled renegotiation, however it was subsequently re-enabled when OpenSSL added support for RFC5746 in OpenSSL 0.9.8m (which the reporter seems to imply isn't sufficient). I'm not sure where the CVE assignment came from; on MITRE's site is is reserved yet and I have not seen this discussed anywhere else but in a Nessus scan report [2]. As an aside, and to reference something we may need to look at, there seems to be some concern with Apache and how it works with SSL renegotiation disabled [3], so we will need to look into cases where disabling SSL renegotiation may impact expected behaviour of currently released products. [1] <a href="http://orchilles.com/2011/03/ssl-renegotiation-dos.html">http://orchilles.com/2011/03/ssl-renegotiation-dos.html</a> [2] <a href="https://discussions.nessus.org/message/10629">https://discussions.nessus.org/message/10629</a> [3] <a href="http://old.nabble.com/TLS-renegotiation-disabling-%3A-mod_ssl-and-OpenSSL--0.9.8l-td26285568.html">http://old.nabble.com/TLS-renegotiation-disabling-%3A-mod_ssl-and-OpenSSL--0.9.8l-td26285568.html</a>
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenSSL | >=0.9.8l<0.9.8m |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://orchilles.com/2011/03/ssl-renegotiation-dos.html
- https://discussions.nessus.org/message/10629
- http://old.nabble.com/TLS-renegotiation-disabling-%3A-mod_ssl-and-OpenSSL--0.9.8l-td26285568.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=707065#c0
- http://www.ietf.org/mail-archive/web/tls/current/msg07553.html
- https://access.redhat.com/security/cve/CVE-2009-3555
- https://access.redhat.com/kb/docs/DOC-20491#Clientinitiated_renegotiations_disabled_in_mod_ssl
- https://access.redhat.com/kb/docs/DOC-20491#The_RFC_5746_implementation_in_NSS_Network_Security_Services
- http://www.thc.org/thc-ssl-dos/
- http://www.educatedguesswork.org/2011/10/ssltls_and_computational_dos.html
- http://vincent.bernat.im/en/blog/2011-ssl-dos-mitigation.html
- https://access.redhat.com/security/cve/CVE-2011-5094
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=833118
- https://access.redhat.com/security/cve/cve-2011-1473
- https://bugzilla.redhat.com/show_bug.cgi?id=707065
- agent/first-publish-date
- agent/last-modified-date
- agent/type
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2011-1473
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/openssl
- canonical/openssl