CVE-2016-10708

HIGH
Description

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

References

http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html

http://www.securityfocus.com/bid/102780

https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737

https://kc.mcafee.com/corporate/index?page=content&id=SB10284

https://lists.debian.org/debian-lts-announce/2018/01/msg00031.html

https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html

https://security.netapp.com/advisory/ntap-20180423-0003/

https://usn.ubuntu.com/3809-1/

https://www.openssh.com/releasenotes.html

Details

Source: MITRE

Published: 2018-01-21

Updated: 2019-06-26

Type: CWE-476

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

ID | Name | Product | Family | Severity
148681 | Juniper Junos OS Multiple Vulnerabilities (JSA11169) | Nessus | Junos Local Security Checks | high
132548 | F5 Networks BIG-IP : OpenSSH vulnerability (K32485746) | Nessus | F5 Networks Local Security Checks | high
118795 | Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : openssh vulnerabilities (USN-3809-1) | Nessus | Ubuntu Local Security Checks | medium
118498 | SUSE SLES11 Security Update : openssh (SUSE-SU-2018:3540-1) | Nessus | SuSE Local Security Checks | high
118285 | SUSE SLES12 Security Update : openssh (SUSE-SU-2018:2530-2) | Nessus | SuSE Local Security Checks | high
117563 | EulerOS Virtualization 2.5.0 : openssh (EulerOS-SA-2018-1254) | Nessus | Huawei Local Security Checks | high
117452 | SUSE SLES12 Security Update : openssh (SUSE-SU-2018:2685-1) | Nessus | SuSE Local Security Checks | high
112148 | SUSE SLES12 Security Update : openssh (SUSE-SU-2018:2530-1) | Nessus | SuSE Local Security Checks | high
111639 | SUSE SLES11 Security Update : openssh (SUSE-SU-2018:2275-1) | Nessus | SuSE Local Security Checks | high
111417 | openSUSE Security Update : openssh (openSUSE-2018-765) | Nessus | SuSE Local Security Checks | high
111200 | SUSE SLED12 / SLES12 Security Update : openssh (SUSE-SU-2018:1989-1) | Nessus | SuSE Local Security Checks | high
108473 | EulerOS 2.0 SP2 : openssh (EulerOS-SA-2018-1069) | Nessus | Huawei Local Security Checks | high
108472 | EulerOS 2.0 SP1 : openssh (EulerOS-SA-2018-1068) | Nessus | Huawei Local Security Checks | high
106407 | Debian DLA-1257-1 : openssh security update | Nessus | Debian Local Security Checks | high
102751 | CentOS 7 : openssh (CESA-2017:2029) | Nessus | CentOS Local Security Checks | high
102296 | Oracle Linux 7 : openssh (ELSA-2017-2029) | Nessus | Oracle Linux Local Security Checks | high
102112 | RHEL 7 : openssh (RHSA-2017:2029) | Nessus | Red Hat Local Security Checks | high
9855 | OpenSSH 7.x < 7.4 Multiple Vulnerabilities | Nessus Network Monitor | SSH | high