ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Vulnerabilities

HollowByte DoS flaw inflates OpenSSL memory using an 11-byte probe

Source headline: HollowByte DDoS flaw bloats OpenSSL server memory with 11-byte payload

Threat level High
Signal strength 70/100
Source confidence 1 source
Published 1 hour ago

Intelligence Summary

A vulnerability dubbed HollowByte can trigger a denial-of-service on OpenSSL servers. The issue can be exercised by unauthenticated attackers using a payload as small as 11 bytes. When the payload is processed, the server allocates excessive memory, which can degrade or crash the service. This affects systems that expose OpenSSL endpoints to the network. Operators should review OpenSSL versions in use and apply available fixes or mitigations.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#unauthenticated #ddos #denialofservice #memoryexhaustion #openssl
Original reporting BleepingComputer HollowByte DDoS flaw bloats OpenSSL server memory with 11-byte payload
Open original source