Published: 03/12/2019 Updated: 04/12/2019

Vulnerability Summary

process_certificate in tls1.c in Cameron Hamilton-Rich axTLS up to and including 2.1.5 has a Buffer Overflow via a crafted TLS certificate handshake message with zero certificates.

Vulnerability Trend

Mailing Lists

Hi all, Two Denial-of-Service vulnerabilities were found in the axTLS library (axtlssourceforgenet/) Both vulnerabilities were addressed to the project maintainer in a responsible disclosure Because the initial deadline was prolonged a few times to fix the issues, but we didn't received any feedback since June, the vulnerability detai ...