GnuTLS.libtasn1.ASN1.DER.Infinite.Loop.DoS
Description
This indicates a Denial of Service attack attempt against a ASN.1 data parsing vulnerability in GnuTLS.
The vulnerability is due to improper processing DER certificates in libtasn1. A remote attacker can exploit this to cause denial of service conditions in affected machines.
Affected Products
Free Software Foundation Libtasn1 prior to 4.8
Free Software Foundation GnuTLS 3.3.22 and prior
Impact
Denial of Service: Remote attackers can exhaust CPU resources on the target system.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
http://seclists.org/oss-sec/2016/q2/66
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |