SSL / TLS Renegotiation DoS
Medium Nessus Plugin ID 53491
SynopsisThe remote service allows repeated renegotiation of TLS / SSL connections.
DescriptionThe remote service encrypts traffic using TLS / SSL and permits clients to renegotiate connections. The computational requirements for renegotiating a connection are asymmetrical between the client and the server, with the server performing several times more work. Since the remote host does not appear to limit the number of renegotiations for a single TLS / SSL connection, this permits a client to open several simultaneous connections and repeatedly renegotiate them, possibly leading to a denial of service condition.
SolutionContact the vendor for specific patch information.