SonicALERT
Search

Sonicwall Signatures

 

  All Categories


Category: WEB-TLS

WEB-TLS Category Description

This SonicWALL IPS signature category consists of a group of signatures that detect/prevent attacks to SSL/TLS related vulnerabilities.

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL), are cryptographic protocols designed to provide communications security over a computer network. They use X.509 certificates and hence asymmetric cryptography to authenticate the counterparty with whom they are communicating, and to negotiate a symmetric session key. This session key is then used to encrypt data flowing between the parties. This allows for data/message confidentiality, and message authentication codes for message integrity and as a by-product, message authentication.[clarification needed] Several versions of the protocols are in widespread use in applications such as web browsing, electronic mail, Internet faxing, instant messaging, and voice-over-IP (VoIP). An important property in this context is forward secrecy, so the short-term session key cannot be derived from the long-term asymmetric secret key.

  Excessive SSL Change Cipher Spec Messages
  OpenSSL Heartbleed Information Disclosure 5
  OpenSSL Heartbleed Information Disclosure 6
  OpenSSL Heartbleed Information Disclosure 7
  HTTPS Malformed Response 3
  HTTPS Malformed Response 4
  HTTPS Malformed Request 3
  OpenSSL DTLS Recursion DoS
  OpenSSL SSL_get_shared_ciphers Buffer Overflow 2
  OpenSSL Anonymous ECDH DoS 1
  Windows Schannel Remote Code Execution (MS14-066) 5
  OpenSSL Anonymous ECDH DoS 2
  OpenSSL DTLS Zero-Length Fragments DoS
  OpenSSL DTLS handshake DoS
  OpenSSL Invalid SRP Parameters Buffer Overflow 1
  OpenSSL DTLS handshake Double-Free DoS
  OpenSSL Invalid SRP Parameters Buffer Overflow 2
  Excessive SSL Alert Messages
  OpenSSL Session Ticket DoS 1
  Mozilla NSS RSA Signatures Spoofing
  OpenSSL Session Ticket DoS 2
  OpenSSL DTLS SRTP DoS
  Windows Schannel Remote Code Execution (MS14-066) 2
  Windows Schannel Remote Code Execution (MS14-066) 3
  Windows Schannel Remote Code Execution (MS14-066) 4
  HTTPS Malformed Request 4
  HTTPS Malformed Request 5
  OpenSSL ssl23_get_client_hello Function DoS
  SSL Version Rollback
  OpenSSL AES-NI DoS
  OpenSSL DTLS ChangeCipherSpec DoS
  OpenSSL TLS Record Tampering DoS 1
  OpenSSL TLS Record Tampering DoS 2
  OpenSSL TLS Record Tampering DoS 3
  OpenSSL TLS Record Tampering DoS 4
  HTTPS Malformed Response 1
  HTTPS Malformed Request 1
  Squid SSL-Bump DoS 2
  OpenSSL c_rehash Script Remote Command Execution
  OpenSSL c_rehash Script Command Injection
  SNIProxy server_name Buffer Overflow
  OpenSSL X.509 Name Constraint Check Buffer Overflow
  OpenSSL X.509 Name Constraint Check Buffer Overflow 2
  OpenSSL X.509 Name Constraint Check Buffer Overflow 3
  OpenSSL X.509 Name Constraint Check Buffer Overflow 4
  HTTPS Malformed Response 2
  OpenSSL X.400 Address Type Confusion 1
  OpenSSL DTLS Fragmentation DoS
  OpenSSL do_ssl3_write Function DoS
  OpenSSL DTLS Duplicate Records DoS
  OpenSSL signature_algorithms DoS
  OpenSSL ASN1_TYPE_cmp Function DoS
  OpenSSL Client Key Exchange DoS
  OpenSSL RSA PSS Parameters DoS 1
  OpenSSL RSA PSS Parameters DoS 2
  OpenSSL RSA PSS Parameters DoS 3
  OpenSSL RSA PSS Parameters DoS 4
  OpenSSL RSA PSS Parameters DoS 5
  GNU Libtasn1 DoS
  TLS DHE_EXPORT Information Disclosure
  OpenSSL BN_GF2m_mod_inv Function DoS
  OpenSSL X509_verify_cert Function Security Feature Bypass
  OpenSSL X509_cmp_time Function DoS 1
  OpenSSL X509_cmp_time Function DoS 2
  OpenSSL X509_cmp_time Function DoS 3
  Avast Antivirus Remote Command Execution
  Squid SSL-Bump DoS
  Squid SSL-Bump Validation Bypass
  OpenSSL RSA PSS DoS
  GNU Libtasn1 _asn1_extract_der_octet Function DoS
  OpenSSL tls_get_message_body Function Use-After-Free 1
  OpenSSL tls_get_message_body Function Use-After-Free 2
  OpenSSL ssl3_read_bytes Function DoS
  OpenSSL ChangeCipherSpec Information Disclosure 1
  OpenSSL ChangeCipherSpec Information Disclosure 2
  OpenSSL ChangeCipherSpec Information Disclosure 3
  OpenSSL ChangeCipherSpec Information Disclosure 4
  OpenSSL ChaCha20-Poly1305 and RC4-MD5 Integer Underflow 1
  OpenSSL ChaCha20-Poly1305 and RC4-MD5 Integer Underflow 2
  OpenSSL DHE and ECDHE Parameters NULL Pointer Dereference 1
  OpenSSL DHE and ECDHE Parameters NULL Pointer Dereference 2
  GnuTLS Proxy Certificate Information Double Free
  GnuTLS NULL Pointer Dereference
  OpenSSL IPAddressFamily Extension Out-of-Bounds Read
  OpenSSL Large Prime Value DoS
  Fizz PlaintextRecordLayer DoS
  GnuTLS Certificate Verification API Double Free
  OpenSSL SSL_check_chain Function NULL Pointer Dereference
  Windows TLS Key Exchange DoS 1
  Windows TLS Key Exchange DoS 2
  OpenSSL BN_mod_sqrt Function DoS 3
  OpenSSL BN_mod_sqrt Function DoS 1
  OpenSSL BN_mod_sqrt Function DoS 2
  OpenSSL BN_mod_sqrt Function DoS 4
  Server Hello with EXPORT Cipher Suites
  Client Hello with EXPORT Cipher Suites 1
  Client Hello with EXPORT Cipher Suites 2
  GNU Libtasn1 DoS 2
  OpenSSL DTLS handshake Double-Free DoS 2
  OpenSSL DTLS Zero-Length Fragments DoS 2
  OpenSSL X.400 Address Type Confusion 2
  OpenSSL X.400 Address Type Confusion 3
  OpenSSL OBJ_obj2txt Function DoS
  OpenSSL ssl3_get_record Function DoS
  OpenSSL ECDH Use-After-Free 1
  OpenSSL ECDH Use-After-Free 2
  Komodia SSL Certificate Superfish
  GnuTLS decoding.c DoS 1
  GnuTLS decoding.c DoS 2
  GnuTLS gnutls_cipher.c DoS 1
  GnuTLS gnutls_cipher.c DoS 2
  GnuTLS gnutls_cipher.c DoS 3

Relevant Information


© SonicWall 2020 | Privacy Policy | Conditions for use Version: 10.0