DTLS ClientHello Race Conditions In WebRTC Implementations
2024-10-22 23:45:25 Author: packetstormsecurity.com(查看原文) 阅读量:2 收藏

DTLS ClientHello Race Conditions In WebRTC Implementations
Posted Oct 22, 2024
Authored by Sandro Gauci, Alfred Farrugia | Site enablesecurity.com

This white paper, titled "DTLS 'ClientHello' Race Conditions in WebRTC Implementations," details a security vulnerability affecting multiple WebRTC implementations. The research uncovers a security flaw where certain implementations fail to properly verify the origin of DTLS "ClientHello" messages in WebRTC sessions, potentially leading to denial of service attacks. The paper includes methodology, affected systems, and recommendations for mitigation.

tags | paper, denial of service
SHA-256 | eb9b90060957ab9a31665bc8c84c603533eeccd79e0c24bfa578d26e43901509
Download | Favorite | View

Login or Register to add favorites


文章来源: https://packetstormsecurity.com/files/182303/webrtc-hello-race-conditions-paper.pdf
如有侵权请联系:admin#unsafe.sh