CVE-2016-2179HIGH
New! CVE Severity Now Using CVSS v3
The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
Description
The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service (memory consumption) by maintaining many crafted DTLS sessions simultaneously, related to d1_lib.c, statem_dtls.c, statem_lib.c, and statem_srvr.c.
References
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
http://rhn.redhat.com/errata/RHSA-2016-1940.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
http://www.securityfocus.com/bid/92987
http://www.securitytracker.com/id/1036689
http://www.splunk.com/view/SP-CAAAPSV
http://www.splunk.com/view/SP-CAAAPUE
http://www-01.ibm.com/support/docview.wss?uid=swg21995039
https://bto.bluecoat.com/security-advisory/sa132
https://git.openssl.org/?p=openssl.git;a=commit;h=f5c7f5dfbaf0d2f7d946d0fe86f08e6bcb36ed0d
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us
https://www.openssl.org/news/vulnerabilities.html#y2017
https://www.tenable.com/security/tns-2016-16
Details
Source: MITRE
Published: 2016-09-16
Updated: 2019-12-27
Type: CWE-399
Risk Information
CVSS v2
Base Score: 5
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 10
Severity: MEDIUM
CVSS v3
Base Score: 7.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Impact Score: 3.6
Exploitability Score: 3.9
Severity: HIGH
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
Configuration 2
OR
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 137479 | EulerOS 2.0 SP2 : openssl098e (EulerOS-SA-2020-1637) | Nessus | Huawei Local Security Checks | high |
| 135549 | EulerOS 2.0 SP3 : openssl098e (EulerOS-SA-2020-1420) | Nessus | Huawei Local Security Checks | medium |
| 119885 | Oracle Business Intelligence Publisher Multiple Vulnerabilities (January 2018 CPU) | Nessus | Misc. | high |
| 106863 | openSUSE Security Update : openssl-steam (openSUSE-2018-168) | Nessus | SuSE Local Security Checks | critical |
| 106349 | Oracle iPlanet Web Server 7.0.x < 7.0.27 NSS Unspecified Vulnerability (January 2018 CPU) | Nessus | Web Servers | critical |
| 106299 | Oracle Fusion Middleware Oracle HTTP Server Multiple Vulnerabilities (January 2018 CPU) | Nessus | Web Servers | critical |
| 101845 | Oracle E-Business Multiple Vulnerabilities (July 2017 CPU) (SWEET32) | Nessus | Misc. | critical |
| 101045 | Tenable SecurityCenter OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32) | Nessus | Misc. | critical |
| 99930 | Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32) | Nessus | Misc. | critical |
| 99810 | EulerOS 2.0 SP1 : openssl (EulerOS-SA-2016-1047) | Nessus | Huawei Local Security Checks | high |
| 99594 | Oracle Enterprise Manager Grid Control Multiple Vulnerabilities (April 2017 CPU) (SWEET32) | Nessus | Misc. | critical |
| 97192 | Tenable Nessus 6.x < 6.9 Multiple Vulnerabilities (TNS-2016-16) (SWEET32) | Nessus | CGI abuses : XSS | critical |
| 96771 | MySQL Enterprise Monitor 3.3.x < 3.3.1.1112 Multiple Vulnerabilities (SWEET32) (January 2017 CPU) | Nessus | CGI abuses | critical |
| 96770 | MySQL Enterprise Monitor 3.2.x < 3.2.5.1141 Multiple Vulnerabilities (SWEET32) (January 2017 CPU) | Nessus | CGI abuses | critical |
| 96767 | MySQL Enterprise Monitor 3.1.x < 3.1.5.7958 Multiple Vulnerabilities (SWEET32) (January 2017 CPU) | Nessus | CGI abuses | high |
| 96337 | Tenable Passive Vulnerability Scanner 5.x < 5.2.0 Multiple Vulnerabilities (SWEET32) | Nessus | Misc. | critical |
| 95255 | AIX OpenSSL Advisory : openssl_advisory21.asc (SWEET32) | Nessus | AIX Local Security Checks | critical |
| 94811 | Fedora 25 : 1:openssl (2016-64e0743e16) | Nessus | Fedora Local Security Checks | critical |
| 94449 | F5 Networks BIG-IP : OpenSSL vulnerability (K23512141) | Nessus | F5 Networks Local Security Checks | high |
| 94198 | MySQL 5.7.x < 5.7.16 Multiple Vulnerabilities (October 2016 CPU) (SWEET32) | Nessus | Databases | critical |
| 94197 | MySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32) | Nessus | Databases | critical |
| 94167 | MySQL 5.7.x < 5.7.16 Multiple Vulnerabilities (October 2016 CPU) (SWEET32) | Nessus | Databases | critical |
| 94166 | MySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32) | Nessus | Databases | critical |
| 94086 | openSUSE Security Update : compat-openssl098 (openSUSE-2016-1189) | Nessus | SuSE Local Security Checks | critical |
| 94021 | Amazon Linux AMI : openssl (ALAS-2016-755) | Nessus | Amazon Linux Local Security Checks | critical |
| 93978 | Fedora 23 : 1:openssl (2016-97454404fe) | Nessus | Fedora Local Security Checks | critical |
| 93909 | SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2016:2468-1) | Nessus | SuSE Local Security Checks | critical |
| 9625 | OpenSSL 1.0.1 < 1.0.1u / 1.0.2 < 1.0.2i Multiple Vulnerabilities | Nessus Network Monitor | Web Servers | high |
| 93893 | SUSE SLES11 Security Update : openssl (SUSE-SU-2016:2458-1) | Nessus | SuSE Local Security Checks | critical |
| 93815 | OpenSSL 1.0.2 < 1.0.2i Multiple Vulnerabilities (SWEET32) | Nessus | Web Servers | critical |
| 93814 | OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32) | Nessus | Web Servers | critical |
| 93795 | Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20160927) | Nessus | Scientific Linux Local Security Checks | critical |
| 93783 | openSUSE Security Update : openssl (openSUSE-2016-1134) | Nessus | SuSE Local Security Checks | critical |
| 93777 | CentOS 6 / 7 : openssl (CESA-2016:1940) | Nessus | CentOS Local Security Checks | critical |
| 93765 | SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:2394-1) | Nessus | SuSE Local Security Checks | critical |
| 93763 | RHEL 6 / 7 : openssl (RHSA-2016:1940) | Nessus | Red Hat Local Security Checks | critical |
| 93761 | OracleVM 3.3 / 3.4 : openssl (OVMSA-2016-0135) | Nessus | OracleVM Local Security Checks | critical |
| 93759 | Oracle Linux 6 / 7 : openssl (ELSA-2016-1940) | Nessus | Oracle Linux Local Security Checks | critical |
| 93756 | openSUSE Security Update : openssl (openSUSE-2016-1130) | Nessus | SuSE Local Security Checks | critical |
| 93752 | Fedora 24 : 1:openssl (2016-a555159613) | Nessus | Fedora Local Security Checks | critical |
| 93734 | SUSE SLES12 Security Update : openssl (SUSE-SU-2016:2387-1) | Nessus | SuSE Local Security Checks | critical |
| 93715 | Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : openssl regression (USN-3087-2) | Nessus | Ubuntu Local Security Checks | critical |
| 93690 | Debian DLA-637-1 : openssl security update | Nessus | Debian Local Security Checks | critical |
| 93684 | Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : openssl vulnerabilities (USN-3087-1) | Nessus | Ubuntu Local Security Checks | critical |
| 93674 | FreeBSD : OpenSSL -- multiple vulnerabilities (43eaa656-80bc-11e6-bf52-b499baebfeaf) | Nessus | FreeBSD Local Security Checks | critical |
| 93668 | Debian DSA-3673-1 : openssl - security update | Nessus | Debian Local Security Checks | critical |
| 93663 | Slackware 14.0 / 14.1 / 14.2 / current : openssl (SSA:2016-266-01) | Nessus | Slackware Local Security Checks | critical |