wolfSSL Buffer Overflow
In wolfSSL versions prior to 5.5.1, malicious clients can cause a buffer overflow during a resumed TLS 1.3 handshake. If an attacker resumes a
previous TLS session by sending a maliciously crafted Client Hello,
followed by another maliciously crafted Client Hello. In total 2 Client
Hellos have to be sent. One which pretends to resume a previous session
and a second one as a response to a Hello Retry Request message.
https://packetstormsecurity.com/files/169600/wolfssl551-overflow.txt
Mon, 31 Oct 2022 14:59:09 GMT
________________________________
--- The information is for inforamtional purposes only.
* Origin: Read us with
http://winpoint.org JID:
rs@captflint.com