Achim Kraus

Name of the Vulnerable Software and Affected Versions: Eclipse Californium versions 2.0.0 through 2.6.4 Eclipse Californium versions 3.0.0-M1 through 3.0.0-M3 Description: The certificate-based DTLS handshakes in Eclipse Californium may accidentally succeed without verifying the server side's signature on the client side if that signature is not included in the server's ServerKeyExchange. This issue affects x509 and RPK DTLS handshakes. Recommendations: For versions 2.0.0 through 2.6.4, update to a version outside of this range to ensure the DTLS handshake properly verifies the server's signature. For versions 3.0.0-M1 through 3.0.0-M3, update to a version outside of this range to ensure the DTLS handshake properly verifies the server's signature. As a temporary workaround, consider restricting the use of certificate-based DTLS handshakes until a patch is available.

Name of the Vulnerable Software and Affected Versions: Eclipse Californium versions 2.3.0 through 2.6.0 Description: The certificate-based DTLS handshakes in Eclipse Californium accidentally fail due to the server sticking to a wrong internal state. This wrong internal state is set by a previous certificate-based DTLS handshake failure with TLS parameter mismatch, allowing clients to force a Denial of Service (DoS). The server must be restarted to recover from this state. Recommendations: For Eclipse Californium versions 2.3.0 through 2.6.0, restart the DTLS server to recover from the wrong internal state and prevent Denial of Service (DoS) attacks. As a temporary workaround, consider implementing measures to prevent repeated certificate-based DTLS handshake failures with TLS parameter mismatch.