The asn1_signature function in asn1.c in Cameron Hamilton-Rich axTLS through 2.1.5 has a Buffer Overflow that allows remote attackers to cause a denial of service (memory and CPU consumption) via a crafted certificate in the TLS certificate handshake message, because the result of get_asn1_length() is not checked for a minimum or maximum size.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2019-12-03T20:00:43
Updated: 2024-08-04T22:10:08.438Z
Reserved: 2019-03-24T00:00:00
Link: CVE-2019-10013
Vulnrichment
No data.
NVD
Status : Modified
Published: 2019-12-03T20:15:10.950
Modified: 2024-11-21T04:18:12.980
Link: CVE-2019-10013
Redhat
No data.