OpenSSL “HollowByte” Vulnerability Lets Hackers Crash Servers With Just 11 Bytes

A newly disclosed vulnerability in OpenSSL, dubbed “HollowByte,” allows a remote, unauthenticated attacker to trigger a denial-of-service (DoS) condition using a malicious payload as small as 11 bytes. Discovered by the Okta Red Team, the flaw exploits how OpenSSL pre-allocates memory during the TLS handshake, forcing servers to reserve massive memory chunks before any authentication […]

The post OpenSSL “HollowByte” Vulnerability Lets Hackers Crash Servers With Just 11 Bytes appeared first on Cyber Security News.

This article has been indexed from Cyber Security News

Read the original article: