Lucene search
Alpine Linux Development TeamALPINE:CVE-2016-6303HistorySep 16, 2016 - 5:59 a.m.
CVE-2016-6303
2016-09-1605:59:13
Alpine Linux Development Team
security.alpinelinux.org
21
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.289
Percentile
96.9%
Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service (out-of-bounds write and application crash) or possibly have unspecified other impact via unknown vectors.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Alpine | 3.2-main | noarch | openssl | < 1.0.2h-r3 | UNKNOWN |
| Alpine | 3.3-main | noarch | openssl | < 1.0.2h-r3 | UNKNOWN |
| Alpine | 3.4-main | noarch | openssl | < 1.0.2h-r3 | UNKNOWN |
| Alpine | 3.5-main | noarch | openssl | < 1.0.2h-r3 | UNKNOWN |
| Alpine | 3.6-main | noarch | openssl | < 1.0.2h-r3 | UNKNOWN |
| Alpine | 3.7-main | noarch | openssl | < 1.0.2h-r3 | UNKNOWN |
| Alpine | 3.8-main | noarch | openssl | < 1.0.2h-r3 | UNKNOWN |
Related
redhatcve
redhatcve
CVE-2016-6303
2016-08-25 12:18:43
openssl
openssl
Vulnerability in OpenSSL CVE-2016-6303
2016-08-24 00:00:00
osv
osv
CVE-2016-6303
2016-09-16 05:59:00
openssl - regression update
2016-09-22 00:00:00
openssl - security update
2016-09-22 00:00:00
veracode
veracode
Denial Of Service (DoS) Via Integer Overflow
2017-01-26 02:40:18
prion
prion
Integer overflow
2016-09-16 05:59:00
f5
f5
SOL35543324 - OpenSSL vulnerability CVE-2016-6303
2016-10-04 00:00:00
K35543324 : OpenSSL vulnerability CVE-2016-6303
2016-10-04 00:00:00
SOL22071504 - September 2016 OpenSSL security vulnerability announcement
2016-09-22 00:00:00
hackerone
hackerone
Internet Bug Bounty: OOB write in MDC2_Update() (CVE-2016-6303)
2017-04-18 07:33:24
ubuntucve
ubuntucve
CVE-2016-6303
2016-09-16 00:00:00
cve
cve
CVE-2016-6303
2016-09-16 05:59:13
debiancve
debiancve
CVE-2016-6303
2016-09-16 05:59:13
cvelist
cvelist
CVE-2016-6303
2016-09-16 00:00:00
nvd
nvd
CVE-2016-6303
2016-09-16 05:59:13
ibm
ibm
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Storwize V7000 Unified (CVE-2016-6304, CVE-2016-6303, CVE-2016-2178, CVE-2016-6306 and CVE-2016-2183)
2018-06-18 00:28:14
openvas
openvas
OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities (Sep 2016) - Linux
2016-09-26 00:00:00
OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities (Sep 2016) - Windows
2016-09-26 00:00:00
openSUSE: Security Advisory for compat-openssl098 (openSUSE-SU-2016:2537-1)
2016-10-15 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 10 package openssl1.1 version 1.0.2i-alt1
2016-09-22 00:00:00
Security fix for the ALT Linux 8 package openssl10 version 1.0.2i-alt1
2016-09-22 00:00:00
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2i-alt1
2016-09-22 00:00:00
nessus
nessus
openSUSE Security Update : compat-openssl098 (openSUSE-2016-1189)
2016-10-17 00:00:00
Ubuntu 14.04 LTS / 16.04 LTS : OpenSSL regression (USN-3087-2)
2016-09-26 00:00:00
suse
suse
Security update for openssl (important)
2016-10-05 18:09:41
Security update for compat-openssl098 (important)
2016-10-06 20:09:29
Security update for openssl (important)
2016-09-27 19:11:34
cloudfoundry
cloudfoundry
USN-3087-2 OpenSSL Regression | Cloud Foundry
2016-09-28 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-16:26.openssl
2016-09-23 00:00:00
archlinux
archlinux
[ASA-201609-24] lib32-openssl: multiple issues
2016-09-26 00:00:00
[ASA-201609-23] openssl: multiple issues
2016-09-26 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2016-09-22 00:00:00
OpenSSL regression
2016-09-23 00:00:00
aix
aix
Vulnerabilities in OpenSSL affect AIX
2016-11-14 13:29:26
mageia
mageia
Updated openssl packages fix security vulnerabilities
2016-10-12 01:12:20
Updated virtualbox packages fixes security vulnerabilities
2016-12-06 00:49:27
debian
debian
[SECURITY] [DSA 3673-1] openssl security update
2016-09-22 16:50:14
[SECURITY] [DLA 637-1] openssl security update
2016-09-25 11:55:01
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2016-09-22 00:00:00
arista
arista
Security Advisory 0024
2016-10-04 00:00:00
fortinet
fortinet
OpenSSL Security Advisory [22 Sept 2016]
2017-04-03 00:00:00
slackware
slackware
[slackware-security] openssl
2016-09-22 18:53:12
huawei
huawei
Security Advisory - Sixteen OpenSSL Vulnerabilities on Some Huawei products
2017-03-22 00:00:00
symantec
symantec
SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016
2016-10-06 08:00:00
nodejsblog
nodejsblog
Security updates for all active release lines, September 2016
2016-09-23 00:00:00
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016
2016-09-27 22:40:00
packetstorm
packetstorm
Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle
2017-07-14 00:00:00
apple
apple
kitploit
kitploit
arch-audit - An utility like pkg-audit for Arch Linux
2016-10-15 14:30:00
ics
ics
Siemens SCALANCE X-200RNA Switch Devices
2022-12-19 12:00:00
oracle
oracle
Oracle Critical Patch Update - April 2018
2018-04-17 00:00:00
Oracle Critical Patch Update - January 2018
2018-01-16 00:00:00
Oracle Critical Patch Update - October 2016
2016-10-18 00:00:00
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.4
Confidence
High
EPSS
0.289
Percentile
96.9%
Related for ALPINE:CVE-2016-6303