Skip to main content

Tag: openssl

2 articles

Rows of computer servers and networking equipment in a dimly lit data center with one server highlighted.

OpenSSL Flaw Exposes Servers to Memory Exhaustion Attacks

A newly discovered OpenSSL flaw, dubbed HollowByte, leaves unpatched servers vulnerable to memory exhaustion attacks, where a mere 11 bytes can trigger the allocation of up to 131 KB of memory for a message that never arrives. This tiny trigger can bring a server to its knees, freezing memory and blocking critical connections.

Analyst 207
Dimly lit server room with one server showing high memory usage.

OpenSSL Servers Vulnerable to Memory-Bloating DDoS Attacks

Beware: a simple 11-byte malicious input can cripple OpenSSL servers with a devastating DDoS attack, leaving them permanently bloated and vulnerable. This sneaky exploit, dubbed HollowByte, takes advantage of a weakness in OpenSSL's TLS handshake to drain server resources.

Analyst 207