Critical DoS Flaw found in OpenSSL — How It Works
The OpenSSL Foundation has patched over a dozen vulnerabilities in its cryptographic code library, including a high severity bug that can be exploited for denial-of-service (DoS) attacks. OpenSSL is a widely used open-source cryptographic library that provides encrypted Internet connections using Secure Sockets Layer (SSL) or Transport Layer Security (TLS) for the majority of websites, as well as other secure services.
The vulnerabilities exist in OpenSSL versions 1.0.1, 1.0.2 and 1.1.0 and patched in OpenSSL versions 1.1.0a, 1.0.2i and 1.0.1u. The Critical-rated bug (CVE-2016-6304) can be exploited by sending a large OCSP Status Request extension on the targeted server during connection negotiations, which causes memory exhaustion to launch DoS attacks, the OpenSSL Project said.
What is OCSP Protocol?
OCSP(Online Certificate Status Protocol), supported by all modern web browsers, is a protocol designed to perform verification and obtain the revocation status of a digital certificate attached to a website. OCSP divided into client and server components. When an application or a web browser attempts to verify an SSL certificate, the client component sends a request to an online responder via HTTP protocol, which in turn, returns the status of the certificate, valid or not.
Reported by Shi Lei, a researcher at Chinese security firm Qihoo 360, the vulnerability affects servers in their default configuration even if they do not support OCSP.
"An attacker could use the TLS extension "TLSEXT_TYPE_status_request" and fill the OCSP ids with continually renegotiation," the researcher explained in a blog post. "Theoretically, an attacker could continually renegotiation with the server thus causing unbounded memory growth on the server up to 64k each time."
How to Prevent OpenSSL DoS Attack
Administrators can mitigate damage by running 'no-ocsp.' Furthermore, servers using older versions of OpenSSL prior to 1.0.1g are not vulnerable in their default configuration. Another moderate severity vulnerability (CVE-2016-6305) that can be exploited to launch denial of service attacks is fixed in the patch release, affecting OpenSSL 1.1.0 that was launched less than one month ago. The team has also resolved a total of 12 low severity vulnerabilities in the latest versions of OpenSSL, but most of them do not affect the 1.1.0 branch. It is worth noting that the OpenSSL Project will end support for OpenSSL version 1.0.1 on 31st December 2016, so users will not receive any security update from the beginning of 2017. Therefore users are advised to upgrade in order to avoid any security issues.