<a href="http://g.adspeed.net/ad.php?do=clk&zid=14678&wd=728&ht=90&pair=as" target="_top"><img style="border:0px;" src="http://g.adspeed.net/ad.php?do=img&zid=14678&wd=728&ht=90&pair=as" alt="i" width="728" height="90"/></a>

Nmap Security Scanner

Docs
Security Lists

Full Disclosure

More
Security Tools

Packet crafters

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

edgeos

Vulnerability Development: Cause of MS SSL DoS attack

Cause of MS SSL DoS attack

From: SanjayR <sanjayr_at_intoto.com>
Date: Mon, 28 Nov 2005 17:58:58 +0530

Hi All;
I am trying to understand the main cause of DoS for MS SSL vulnerability
(MS04-011, CAN-2004-0120). Everywhere, I get one information
that specially malformed SSL messages can cause DoS, but what exactly is
causing the DoS is not mentioned. After seeing the exploit code, I could
see that normally, during SSL handshake, client sends available Cipher
suites to server, which are around 30 (at most). therefore Cipher Suite
length is at most 60 bytes (in general). but under this attack, i found it
to be 39729!! there are many unknown types of cipher suites. Is this the
cause of DoS? I shall be thankful for any information.

-Sanjay
Received on Nov 28 2005

This message: [ Message body ]
Next message: David Barroso: "Re: Cause of MS SSL DoS attack"
Previous message: Rik Bobbaers: "Re: Randomized Stack"
Next in thread: David Barroso: "Re: Cause of MS SSL DoS attack"
Reply: David Barroso: "Re: Cause of MS SSL DoS attack"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]

edgeos