cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5920
Views
0
Helpful
10
Replies

53491 - SSL / TLS Renegotiation DoS "nessus"

Archil Sokhadze
Level 1
Level 1

custumer is telling me that they have found  vulerability on vcs-expressway .

Results Details

5061/tcp


53491 - SSL / TLS Renegotiation DoS[-/+]

Synopsis

The remote service allows repeated renegotiation of TLS / SSL connections.

Description

The remote service encrypts traffic using TLS / SSL and permits clients to renegotiate connections. The computational requirements for renegotiating a connection are asymmetrical between the client and the server, with the server performing several times more work. Since the remote host does not appear to limit the number of renegotiations for a single TLS / SSL connection, this permits a client to open several simultaneous connections and repeatedly renegotiate them, possibly leading to a denial of service condition.

See Also

http://orchilles.com/2011/03/ssl-renegotiation-dos.html
http://www.ietf.org/mail-archive/web/tls/current/msg07553.html

Solution

Contact the vendor for specific patch information.

Ports

tcp/5061


The remote host is vulnerable to renegotiation DoS over TLSv1 / SSLv3.



what can i answer ? what are solutions ?

10 Replies 10

Archil Sokhadze
Level 1
Level 1

is there any solution ?

Please see the following post -

https://supportforums.cisco.com/message/3653726#3653726

Thanks,

Guy

test was performed with "nessus"   on vcs X7.2  , so if it was fixed why it's still showing up ?

Can you provide a current published CVE for this?

thanks, I've emailed one of the security guys in the development team to get their thoughts on this.

thanks , if there will be some news about this case please write in this discussion.

Hello Archil,

Thank you for visiting the support community and thank you to Guy for jumping in to help answer.  The better channel to direct such questions is to the PSIRT team reachable at psirt@cisco.com as they have a dedicated team that manages the receipt, investigation, and public reporting of security vulnerability information that is related to Cisco products and networks.  Additional information and further contact details are available here: http://www.cisco.com/en/US/products/products_security_vulnerability_policy.html

Thank you,

Paula

John Faltys
Level 1
Level 1

Have you received an answer on this?
Thanks

answer was :

---------------------------

There is no upstream fix for CVE-2011-1473 in the third-party OpenSSL library as yet.

More information about this bug can be found at: http://www.educatedguesswork.org/2011/10/ssltls_and_computational_dos.html

In particular, the section "Is this a flaw with SSL/TLS?" discusses how this is not a significant risk (with the obvious caveat this is from a third-party security writer).

I don’t expect it to be fix anytime soon as even Redhat still has its own bug open (https://bugzilla.redhat.com/show_bug.cgi?id=707065).