Tag: openssl
2 articles

OpenSSL Flaw Exposes Servers to Memory Exhaustion Attacks
A newly discovered OpenSSL flaw, dubbed HollowByte, leaves unpatched servers vulnerable to memory exhaustion attacks, where a mere 11 bytes can trigger the allocation of up to 131 KB of memory for a message that never arrives. This tiny trigger can bring a server to its knees, freezing memory and blocking critical connections.

OpenSSL Servers Vulnerable to Memory-Bloating DDoS Attacks
Beware: a simple 11-byte malicious input can cripple OpenSSL servers with a devastating DDoS attack, leaving them permanently bloated and vulnerable. This sneaky exploit, dubbed HollowByte, takes advantage of a weakness in OpenSSL's TLS handshake to drain server resources.