all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Keeping the wolves out of wolfSSL

Add to bookmarks
Jan. 12, 2023, 2:25 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

By Max Ammann


Trail of Bits is publicly disclosing four vulnerabilities that affect wolfSSL: CVE-2022-38152, CVE-2022-38153, CVE-2022-39173, and CVE-2022-42905. The four issues, which have CVSS scores ranging from medium to critical, can all result in a denial of service (DoS). These vulnerabilities have been discovered automatically using the novel protocol fuzzer tlspuffin. This blog post will explore these vulnerabilities, then provide an in-depth overview of the fuzzer.


tlspuffin is a fuzzer inspired by formal protocol …

bits blog blog post critical cve cvss cvss scores denial of service dos fuzzer medium novel protocol result service trail of bits vulnerabilities wolfssl

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Change Healthcare hasn't given VA details on hack-impacted veterans, top lawmaker says 14 hours ago | malware.news
change change healthcare hack healthcare +4
Two years in, Google says passkeys now protect more than 400 million accounts 15 hours ago | malware.news
account accounts article google +7
CVE-2024-2887: A Pwn2Own Winning Bug in Google Chrome 15 hours ago | malware.news
blog browsers bug chrome +19
How to Talk to The Board About Exposure 15 hours ago | malware.news
topic
Pro-Russia hackers target OT weaknesses in critical infrastructure 15 hours ago | malware.news
american article breaches critical +21
Watch out for tech support scams lurking in sponsored search results 16 hours ago | malware.news
blog blog post campaign home +12
Threat Intelligence Snapshot: Week 18, 2024 16 hours ago | malware.news
access amp april find +13
CISA: Immediate GitLab account takeover flaw remediation crucial amid attacks 16 hours ago | malware.news
account account takeover agency article +30
Increased stealth introduced in updated Zloader malware 16 hours ago | malware.news
analysis anti-analysis article banking +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Data Privacy Manager m/f/d)

@ Coloplast | Hamburg, HH, DE
View on infosec-jobs.com

Cybersecurity Sr. Manager

@ Eastman | Kingsport, TN, US, 37660
View on infosec-jobs.com

KDN IAM Associate Consultant

@ KPMG India | Hyderabad, Telangana, India
View on infosec-jobs.com

Learning Experience Designer in Cybersecurity (f/m/div.) (Salary: ~113.000 EUR p.a.*)

@ Bosch Group | Stuttgart, Germany
View on infosec-jobs.com

Senior Security Engineer - SIEM

@ Samsara | Remote - US
View on infosec-jobs.com
View more jobs