CVEs-PoC/2017/CVE-2017-3733.md at d9c64e504a400a9c76c5acac87c0beb68d3a78a3

CalvinBackup/CVEs-PoC

Fork 0

mirror of https://github.com/0xMarcio/cve.git synced 2026-05-09 23:27:33 +02:00

Files

T

0xMarcio ba290685fe Update CVE sources 2024-06-09 00:33

2024-06-09 00:33:16 +00:00

Description

During a renegotiation handshake if the Encrypt-Then-Mac extension is negotiated where it was not in the original handshake (or vice-versa) then this can cause OpenSSL 1.1.0 before 1.1.0e to crash (dependent on ciphersuite). Both clients and servers are affected.

POC

Reference

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Github

https://github.com/ARPSyndicate/cvemon
https://github.com/Ananya-0306/vuln-finder
https://github.com/chnzzh/OpenSSL-CVE-lib
https://github.com/cve-search/git-vuln-finder
https://github.com/scarby/cve_details_client

1.2 KiB Raw Blame History

CVE-2017-3733

Description

POC

Reference

Github

1.2 KiB

Raw Blame History