CVE-2016-6306

MEDIUM
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759

http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html

http://rhn.redhat.com/errata/RHSA-2016-1940.html

http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html

http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html

http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

http://www.securityfocus.com/bid/93153

http://www.securitytracker.com/id/1036885

http://www-01.ibm.com/support/docview.wss?uid=swg21995039

https://access.redhat.com/errata/RHSA-2018:2185

https://access.redhat.com/errata/RHSA-2018:2186

https://access.redhat.com/errata/RHSA-2018:2187

https://bto.bluecoat.com/security-advisory/sa132

https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448

https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312

https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc

https://security.gentoo.org/glsa/201612-16

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us

https://www.openssl.org/news/secadv/20160922.txt

https://www.oracle.com/security-alerts/cpuapr2020.html

https://www.oracle.com/security-alerts/cpujan2020.html

https://www.oracle.com/security-alerts/cpujul2020.html

https://www.oracle.com/security-alerts/cpuoct2020.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.tenable.com/security/tns-2016-16

https://www.tenable.com/security/tns-2016-20

https://www.tenable.com/security/tns-2016-21

Details

Source: MITRE

Published: 2016-09-26

Updated: 2020-10-20

Type: CWE-125

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:a:hp:icewall_federation_agent:3.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:*

cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:*

cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:*

cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*

cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:a:nodejs:node.js:*:*:*:*:*:*:*:* versions up to 6.6.0 (inclusive)

Tenable Plugins

View all (53 total)

IDNameProductFamilySeverity
130679EulerOS 2.0 SP5 : openssl098e (EulerOS-SA-2019-2217)NessusHuawei Local Security Checks
critical
124059Oracle Access Manager Multiple Vulnerabilities (Jan 2018 CPU)NessusMisc.
critical
119982SUSE SLES12 Security Update : nodejs4 (SUSE-SU-2016:2470-1)NessusSuSE Local Security Checks
high
111147RHEL 6 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 (RHSA-2018:2186)NessusRed Hat Local Security Checks
critical
111146RHEL 7 : Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 (RHSA-2018:2185)NessusRed Hat Local Security Checks
critical
106863openSUSE Security Update : openssl-steam (openSUSE-2018-168)NessusSuSE Local Security Checks
critical
101845Oracle E-Business Multiple Vulnerabilities (July 2017 CPU) (SWEET32)NessusMisc.
critical
101045Tenable SecurityCenter OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32)NessusMisc.
critical
99930Oracle Secure Global Desktop Multiple Vulnerabilities (April 2017 CPU) (SWEET32)NessusMisc.
critical
99810EulerOS 2.0 SP1 : openssl (EulerOS-SA-2016-1047)NessusHuawei Local Security Checks
high
99594Oracle Enterprise Manager Grid Control Multiple Vulnerabilities (April 2017 CPU) (SWEET32)NessusMisc.
critical
97480F5 Networks BIG-IP : OpenSSL vulnerability (K90492697)NessusF5 Networks Local Security Checks
medium
97192Tenable Nessus 6.x < 6.9 Multiple Vulnerabilities (TNS-2016-16) (SWEET32)NessusCGI abuses : XSS
critical
96771MySQL Enterprise Monitor 3.3.x < 3.3.1.1112 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)NessusCGI abuses
critical
96770MySQL Enterprise Monitor 3.2.x < 3.2.5.1141 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)NessusCGI abuses
critical
96767MySQL Enterprise Monitor 3.1.x < 3.1.5.7958 Multiple Vulnerabilities (SWEET32) (January 2017 CPU)NessusCGI abuses
high
96337Tenable Passive Vulnerability Scanner 5.x < 5.2.0 Multiple Vulnerabilities (SWEET32)NessusMisc.
critical
96316Juniper Junos Multiple OpenSSL Vulnerabilities (JSA10759) (SWEET32)NessusJunos Local Security Checks
critical
96145IBM BigFix Remote Control < 9.1.3 Multiple Vulnerabilities (SWEET32)NessusCGI abuses
critical
95602GLSA-201612-16 : OpenSSL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
95255AIX OpenSSL Advisory : openssl_advisory21.asc (SWEET32)NessusAIX Local Security Checks
critical
94811Fedora 25 : 1:openssl (2016-64e0743e16)NessusFedora Local Security Checks
critical
94198MySQL 5.7.x < 5.7.16 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)NessusDatabases
critical
94197MySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)NessusDatabases
critical
94167MySQL 5.7.x < 5.7.16 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)NessusDatabases
critical
94166MySQL 5.6.x < 5.6.34 Multiple Vulnerabilities (October 2016 CPU) (SWEET32)NessusDatabases
critical
94095OracleVM 3.2 : openssl (OVMSA-2016-0141)NessusOracleVM Local Security Checks
critical
94094Oracle Linux 5 : openssl (ELSA-2016-3627)NessusOracle Linux Local Security Checks
critical
94086openSUSE Security Update : compat-openssl098 (openSUSE-2016-1189)NessusSuSE Local Security Checks
critical
94021Amazon Linux AMI : openssl (ALAS-2016-755)NessusAmazon Linux Local Security Checks
critical
94002openSUSE Security Update : nodejs (openSUSE-2016-1172)NessusSuSE Local Security Checks
high
93978Fedora 23 : 1:openssl (2016-97454404fe)NessusFedora Local Security Checks
critical
93909SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2016:2468-1)NessusSuSE Local Security Checks
critical
9625OpenSSL 1.0.1 < 1.0.1u / 1.0.2 < 1.0.2i Multiple VulnerabilitiesNessus Network MonitorWeb Servers
high
93893SUSE SLES11 Security Update : openssl (SUSE-SU-2016:2458-1)NessusSuSE Local Security Checks
critical
93815OpenSSL 1.0.2 < 1.0.2i Multiple Vulnerabilities (SWEET32)NessusWeb Servers
critical
93814OpenSSL 1.0.1 < 1.0.1u Multiple Vulnerabilities (SWEET32)NessusWeb Servers
critical
93795Scientific Linux Security Update : openssl on SL6.x, SL7.x i386/x86_64 (20160927)NessusScientific Linux Local Security Checks
critical
93783openSUSE Security Update : openssl (openSUSE-2016-1134)NessusSuSE Local Security Checks
critical
93777CentOS 6 / 7 : openssl (CESA-2016:1940)NessusCentOS Local Security Checks
critical
93765SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2016:2394-1)NessusSuSE Local Security Checks
critical
93763RHEL 6 / 7 : openssl (RHSA-2016:1940)NessusRed Hat Local Security Checks
critical
93761OracleVM 3.3 / 3.4 : openssl (OVMSA-2016-0135)NessusOracleVM Local Security Checks
critical
93759Oracle Linux 6 / 7 : openssl (ELSA-2016-1940)NessusOracle Linux Local Security Checks
critical
93756openSUSE Security Update : openssl (openSUSE-2016-1130)NessusSuSE Local Security Checks
critical
93752Fedora 24 : 1:openssl (2016-a555159613)NessusFedora Local Security Checks
critical
93734SUSE SLES12 Security Update : openssl (SUSE-SU-2016:2387-1)NessusSuSE Local Security Checks
critical
93715Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : openssl regression (USN-3087-2)NessusUbuntu Local Security Checks
critical
93690Debian DLA-637-1 : openssl security updateNessusDebian Local Security Checks
critical
93684Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : openssl vulnerabilities (USN-3087-1)NessusUbuntu Local Security Checks
critical
93674FreeBSD : OpenSSL -- multiple vulnerabilities (43eaa656-80bc-11e6-bf52-b499baebfeaf)NessusFreeBSD Local Security Checks
critical
93668Debian DSA-3673-1 : openssl - security updateNessusDebian Local Security Checks
critical
93663Slackware 14.0 / 14.1 / 14.2 / current : openssl (SSA:2016-266-01)NessusSlackware Local Security Checks
critical