Описание
Adacore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing slot. However, there is no specific timeout set for this phase, and the server uses the default socket timeout, which is effectively infinite. An attacker can exploit this by sending a malformed TLS ClientHello message with incorrect length values. This causes the server to wait indefinitely for data that never arrives, blocking the worker thread (Line) handling the connection. By opening multiple such connections, up to the server's maximum limit, the attacker can exhaust all available working threads, preventing the server from handling new, legitimate requests.
A flaw was found in AdaCore Web Server (AWS) where the server does not enforce a timeout during the SSL handshake when clients connect over HTTPS. Attackers can exploit this by sending specially crafted handshake messages that never complete, tying up the server's worker threads and preventing it from serving legitimate requests, resulting in a denial of service.
Отчет
This vulnerability occurs because AWS performs the SSL handshake before assigning the connection to a processing slot and relies on the default socket timeout which is effectively infinite. This is a problem because a crafted message with incorrect length values can cause the SSL handshake to block indefinitely, leaving the worker thread stuck in the pre-slot state. If many such connections are opened, the worker threads on AWS could all be exhausted which would deny the AWS to other legitimate clients that want to connect to the server.
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
Adacore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing slot. However, there is no specific timeout set for this phase, and the server uses the default socket timeout, which is effectively infinite. An attacker can exploit this by sending a malformed TLS ClientHello message with incorrect length values. This causes the server to wait indefinitely for data that never arrives, blocking the worker thread (Line) handling the connection. By opening multiple such connections, up to the server's maximum limit, the attacker can exhaust all available working threads, preventing the server from handling new, legitimate requests.
Adacore Ada Web Server (AWS) before 25.2 is vulnerable to a denial-of-service (DoS) condition due to improper handling of SSL handshakes during connection initialization. When a client initiates an HTTPS connection, the server performs the SSL handshake before assigning the connection to a processing slot. However, there is no specific timeout set for this phase, and the server uses the default socket timeout, which is effectively infinite. An attacker can exploit this by sending a malformed TLS ClientHello message with incorrect length values. This causes the server to wait indefinitely for data that never arrives, blocking the worker thread (Line) handling the connection. By opening multiple such connections, up to the server's maximum limit, the attacker can exhaust all available working threads, preventing the server from handling new, legitimate requests.
EPSS
7.5 High
CVSS3