Project

General

Profile

Actions

Security #955

closed

SSL parsing issue

Added by Victor Julien about 9 years ago. Updated about 2 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Label:
Git IDs:

b7f6f9724595e7f595c3cc4fc9fa4d3d0839e122
8ec28dea16080c77828412d6de01018dabc7b7c3

Severity:

Description

CVE-2013-5919 reported by Sebastian Roschke.


Subtasks 1 (0 open1 closed)

Security #958: SSL parsing issue (master)ClosedAnoop SaldanhaActions
Actions #1

Updated by Victor Julien about 9 years ago

  • Description updated (diff)
Actions #2

Updated by Victor Julien about 9 years ago

  • Status changed from Assigned to Closed
  • Private changed from Yes to No

Fixed by:

commit 70c535220ebcfa111cb1878b658b8dbe302b380d                                                                                                                                                                                              
Author: Anoop Saldanha <anoopsaldanha@gmail.com>                                                                                                                                                                                             
Date:   Tue Sep 24 11:31:37 2013 +0530                                                                                                                                                                                                       

    Add decoder event rule for tls event "invalid_ssl_record", which will now be available "app-layer-event:tls.invalid_ssl_record".

commit b7f6f9724595e7f595c3cc4fc9fa4d3d0839e122
Author: Anoop Saldanha <anoopsaldanha@gmail.com>
Date:   Fri Sep 13 19:57:29 2013 +0530

    bug #955 - Fix SSL parsing issue.

    The parser wasn't carrying out a bounds check on record length while
    in the middle of parsing a handshake.  As a result we would step onto the
    next record header and consider it a part of the current handshake.

    - Contains an unittest to test the issue.
    - Disable the duplicate parser unittest registration.

    The issue came to light through an irregular ssl record, which was
    reported by Sebastian Roschke, via CVE-2013-5919.

    Thanks to Sebastian Roschke for reporting this issue.

Actions #3

Updated by Victor Julien about 2 years ago

  • Tracker changed from Bug to Security
  • CVE set to 2013-5919
  • Git IDs updated (diff)
Actions

Also available in: Atom PDF