CVE-2016-2179

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

http://rhn.redhat.com/errata/RHSA-2016-1940.html

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

http://www.securityfocus.com/bid/92987

http://www.securitytracker.com/id/1036689

http://www.splunk.com/view/SP-CAAAPSV

http://www.splunk.com/view/SP-CAAAPUE

http://www-01.ibm.com/support/docview.wss?uid=swg21995039

https://bto.bluecoat.com/security-advisory/sa132

https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us

https://www.openssl.org/news/vulnerabilities.html#y2017

https://www.tenable.com/security/tns-2016-16

https://www.tenable.com/security/tns-2016-20

https://www.tenable.com/security/tns-2016-21

Details

Source: MITRE

Published: 2016-09-16

Updated: 2019-12-27

Type: CWE-399

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*

cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*

Tenable Plugins

View all (47 total)

IDNameProductFamilySeverity
137479EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2020-1637)NessusHuawei Local Security Checks
high
135549EulerOS 2.0 SP3 : openssl098e (EulerOS-SA-2020-1420)NessusHuawei Local Security Checks
medium
119885Oracle Business Intelligence Publisher Multiple Vulnerabilities (January 2018 CPU)NessusMisc.
high
106863openSUSE Security Update : openssl-steam (openSUSE-2018-168)NessusSuSE Local Security Checks
critical
106349Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU)NessusWeb Servers
critical
106299Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2018 CPU)NessusWeb Servers
critical
101845Oracle E-Business Multiple Vulnerabilities (July 2017 CPU) (SWEET32)NessusMisc.
critical
101045Tenable SecurityCenter OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32)NessusMisc.
critical
99930Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32)NessusMisc.
critical
99810EulerOS 2.0 SP1 : openssl (EulerOS-SA-2016-1047)NessusHuawei Local Security Checks
high
99594Oracle Enterprise Manager Grid Control Multiple Vulnerabilities (April 2017 CPU) (SWEET32)NessusMisc.
critical
97192Tenable Nessus 6.x < 6.9 Multiple Vulnerabilities (TNS-2016-16) (SWEET32)NessusCGI abuses : XSS
critical
96771MySQL Enterprise Monitor 3.3.x < 3.3.1.1112 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)NessusCGI abuses
critical
96770MySQL Enterprise Monitor 3.2.x < 3.2.5.1141 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)NessusCGI abuses
critical
96767MySQL Enterprise Monitor 3.1.x < 3.1.5.7958 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)NessusCGI abuses
high
96337Tenable Passive Vulnerability Scanner 5.x < 5.2.0 Multiple Vulnerabilities (SWEET32)NessusMisc.
critical
95255AIX OpenSSL Advisory : openssl_advisory21.asc (SWEET32)NessusAIX Local Security Checks
critical
94811Fedora 25 : 1:openssl (2016-64e0743e16)NessusFedora Local Security Checks
critical
94449F5 Networks BIG-IP : OpenSSL vulnerability (K23512141)NessusF5 Networks Local Security Checks
high
94198MySQL 5.7.x < 5.7.16 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)NessusDatabases
critical
94197MySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)NessusDatabases
critical
94167MySQL 5.7.x < 5.7.16 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)NessusDatabases
critical
94166MySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)NessusDatabases
critical
94086openSUSE Security Update : compat-openssl098 (openSUSE-2016-1189)NessusSuSE Local Security Checks
critical
94021Amazon Linux AMI : openssl (ALAS-2016-755)NessusAmazon Linux Local Security Checks
critical
93978Fedora 23 : 1:openssl (2016-97454404fe)NessusFedora Local Security Checks
critical
93909SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2016:2468-1)NessusSuSE Local Security Checks
critical
9625OpenSSL 1.0.1 < 1.0.1u / 1.0.2 < 1.0.2i Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
93893SUSE SLES11 Security Update : openssl (SUSE-SU-2016:2458-1)NessusSuSE Local Security Checks
critical
93815OpenSSL 1.0.2 < 1.0.2i Multiple Vulnerabilities (SWEET32)NessusWeb Servers
critical
93814OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32)NessusWeb Servers
critical
93795Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20160927)NessusScientific Linux Local Security Checks
critical
93783openSUSE Security Update : openssl (openSUSE-2016-1134)NessusSuSE Local Security Checks
critical
93777CentOS 6 / 7 : openssl (CESA-2016:1940)NessusCentOS Local Security Checks
critical
93765SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:2394-1)NessusSuSE Local Security Checks
critical
93763RHEL 6 / 7 : openssl (RHSA-2016:1940)NessusRed Hat Local Security Checks
critical
93761OracleVM 3.3 / 3.4 : openssl (OVMSA-2016-0135)NessusOracleVM Local Security Checks
critical
93759Oracle Linux 6 / 7 : openssl (ELSA-2016-1940)NessusOracle Linux Local Security Checks
critical
93756openSUSE Security Update : openssl (openSUSE-2016-1130)NessusSuSE Local Security Checks
critical
93752Fedora 24 : 1:openssl (2016-a555159613)NessusFedora Local Security Checks
critical
93734SUSE SLES12 Security Update : openssl (SUSE-SU-2016:2387-1)NessusSuSE Local Security Checks
critical
93715Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : openssl regression (USN-3087-2)NessusUbuntu Local Security Checks
critical
93690Debian DLA-637-1 : openssl security updateNessusDebian Local Security Checks
critical
93684Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : openssl vulnerabilities (USN-3087-1)NessusUbuntu Local Security Checks
critical
93674FreeBSD : OpenSSL -- multiple vulnerabilities (43eaa656-80bc-11e6-bf52-b499baebfeaf)NessusFreeBSD Local Security Checks
critical
93668Debian DSA-3673-1 : openssl - security updateNessusDebian Local Security Checks
critical
93663Slackware 14.0 / 14.1 / 14.2 / current : openssl (SSA:2016-266-01)NessusSlackware Local Security Checks
critical