SA-2023-059 - DHEat attack (CVE-2002-20001)
By Extreme Networks
The Diffie-Hellman Key Agreement Protocol enables remote attackers to send arbitrary numbers without public keys, triggering costly server-side DHE modular-exponentiation calculations. This attack requires minimal CPU resources and bandwidth, and may be more disruptive in cases where clients require server selection of largest supported key size.
read more