Hi, With an "intentionally corrupted" tls1_heartbeat() in Openssl 1.0.2l, heart beat requests with big payloads such as 16300 or slightly more can be repeatedly sent to the server.
The server, religiously responds back with such big payloads after spending its cpu on encrypting/HMAC computing on the payload in the heartbeat response messages.. I confirmed the above with s_server/s_client. The RFC doesn't say anything about this possible exploit/DOS attack. The RFC also allows such big payloads. While such payloads might be meeting some requirement (PMTU computation ?),, the frequency of such big messages (continuous repeats) must certainly be controlled. I see that this extn is disabled in openssl-master but I could see that some servers (eg yahoo) do respond to heartbeat requests which means that they are running some ssl implementation (probably Openssl) which is vulnerable to continuous repeated big HB requests. Is the problem mentioned above a problem indeed or I am missing something ? Could the solution be a restricted count of HB requests along with a timer? Thanks Jitendra -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
