CVEs-PoC/2017/CVE-2017-3733.md
2025-09-29 21:09:30 +02:00


### [CVE-2017-3733](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3733)
![](https://img.shields.io/static/v1?label=Product&message=OpenSSL&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=openssl-1.1.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=openssl-1.1.0a%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=openssl-1.1.0b%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=openssl-1.1.0c%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=openssl-1.1.0d%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=protocol%20error&color=brightgreen)
### Description
During a renegotiation handshake, if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice versa), OpenSSL 1.1.0 before 1.1.0e can crash (dependent on ciphersuite). Both clients and servers are affected.
### POC
#### Reference
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Ananya-0306/vuln-finder
- https://github.com/akaganeite/CVE4PP
- https://github.com/chnzzh/OpenSSL-CVE-lib
- https://github.com/cve-search/git-vuln-finder
- https://github.com/scarby/cve_details_client