Disclaimer: It is important to note that a previous vulnerability related to DoS attacks on asyncua servers exists.
However, the vulnerability described here is entirely different in nature. The previous vulnerability relied on
resource exhaustion by sending an unlimited number of large chunks.
This crafted message is sufficient to cause the server to enter an infinite loop,
gradually consuming more and more resources. Notably,
in comparison to CVE-2022-25304, the vulnerability discussed in this gist requires less effort to exploit
# How was the vulnerability discovered?
During my experiments for my Ph.D., I identified this vulnerability and promptly alerted the maintainers
by creating an issue on Git, at their request.
# Reproduce:
To reproduce this vulnerability:
0/ Send a message with a size field set to 0.
I used an open secure channel request, but others work as well.
All of this is described in the issue:
The first comment mistakenly treats this vulnerability as CVE-2022-25304, but if you read the complete issue
you will see that it is not.
https://github.com/FreeOpcUa/opcua-asyncio/issues/1013
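
As an added example (not code from this gist or from asyncua), here is a receive-side framing check that rejects the size-0 header described above before any loop can act on it. It relies on the OPC UA TCP header layout (3-byte message type, 1-byte chunk flag, little-endian UInt32 size that includes the 8 header bytes); the function names and `MAX_MESSAGE_SIZE` are assumptions, and the sample frames are constructed.

```python
import struct

HEADER_LEN = 8              # 3-byte type + 1-byte chunk flag + UInt32 size
MAX_MESSAGE_SIZE = 65536    # assumed local limit, not an asyncua default
KNOWN_TYPES = {b"HEL", b"ACK", b"ERR", b"RHE", b"OPN", b"MSG", b"CLO"}


class FramingError(ValueError):
    """Raised when a header cannot describe a valid message."""


def parse_header(data: bytes):
    """Return (msg_type, chunk_flag, total_size) or raise FramingError."""
    if len(data) < HEADER_LEN:
        raise FramingError("short header")
    msg_type, chunk, size = struct.unpack_from("<3scI", data)
    if msg_type not in KNOWN_TYPES:
        raise FramingError(f"unknown message type {msg_type!r}")
    # The size field counts the 8 header bytes too, so any value below
    # HEADER_LEN (including 0) is impossible and must end the connection.
    if size < HEADER_LEN:
        raise FramingError(f"declared size {size} is below header length")
    if size > MAX_MESSAGE_SIZE:
        raise FramingError(f"declared size {size} exceeds limit")
    return msg_type, chunk, size


def split_messages(buf: bytes):
    """Split a receive buffer into complete messages; return (messages, rest)."""
    messages, offset = [], 0
    while len(buf) - offset >= HEADER_LEN:
        _, _, size = parse_header(buf[offset:offset + HEADER_LEN])
        if len(buf) - offset < size:
            break               # incomplete message: wait for more bytes
        messages.append(buf[offset:offset + size])
        offset += size          # size >= 8 here, so every pass makes progress
    return messages, buf[offset:]


# Constructed sample input: a 12-byte OPN frame that is valid at the framing
# level only, and a header whose size field is 0 (the condition in this gist).
GOOD = struct.pack("<3scI", b"OPN", b"F", 12) + b"\x00" * 4
ZERO = struct.pack("<3scI", b"OPN", b"F", 0)
```

A caller would treat `FramingError` as fatal for the connection and close it rather than retry on the same buffer.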