dnrops
/
metasploit-framework
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

cleanup for openssl_aesni

This commit is contained in:
jvazquez-r7 2013-03-05 22:41:16 +01:00
parent 784c075986
commit 781132b1cf
1 changed files with 12 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
modules/auxiliary/dos/ssl/openssl_aesni.rb
View File

@ -9,15 +9,18 @@ class Metasploit4 < Msf::Auxiliary
super(update_info(info,
'Name' => 'OpenSSL TLS 1.1 and 1.2 AES-NI DoS',
'Description' => %q{
The AES-NI implementation of OpenSSL 1.0.1c does not
properly compute the length of an encrypte message when used
with a TLS version 1.1 or above. This leads to an integer
underflow which can cause a DoS.
The AES-NI implementation of OpenSSL 1.0.1c does not properly compute the
length of an encrypted message when used with a TLS version 1.1 or above. This
leads to an integer underflow which can cause a DoS. The vulnerable function
aesni_cbc_hmac_sha1_cipher is only included in the 64 bits versions of OpenSSL.
This module has been tested successfully on Ubuntu 12.04 (64 bits) with the default
OpenSSL 1.0.1c package.
},
'Author' => [
'Wolfgang Ettlinger <wolfgang.ettlinger[at]gmail.com>'
],
'License' => BSD_LICENSE,
'Author' =>
[
'Wolfgang Ettlinger <wolfgang.ettlinger[at]gmail.com>'
],
'License' => MSF_LICENSE,
'References' =>
[
[ 'CVE', '2012-2686'],
@ -138,7 +141,7 @@ class Metasploit4 < Msf::Auxiliary
connect
sock.put(p1)
resp = sock.recv(4096)
resp = sock.get_once
cs = get_cipher_suite(resp)