If a server uses SHA512 for TLS session ticket HMAC it is vulnerable to a
DoS attack where a malformed ticket will result in an OOB read which will
ultimately crash.

The use of SHA512 in TLS session tickets is comparatively rare as it requires
a custom server callback and ticket lookup mechanism.

refer:
https://www.openssl.org/news/secadv/20160922.txt

prion 1

cve 1

veracode 1

f5 3

osv 4

ubuntucve 1

alpinelinux 1

cvelist 1

nvd 1

redhatcve 1

debiancve 1

openssl 1

ibm 61

openvas 32

nessus 45

redhat 4

amazon 1

suse 9

altlinux 5

fedora 3

cloudfoundry 1

oraclelinux 1

centos 1

freebsd_advisory 1

ubuntu 2

archlinux 2

debian 2

mageia 2

aix 1

arista 1

freebsd 1

fortinet 1

slackware 1

symantec 1

huawei 1

nodejsblog 1

cisco 1

packetstorm 1

prion

Design/Logic Flaw

2016-09-16 05:59:00

cve

CVE-2016-6302

2016-09-16 05:59:12

veracode

Denial Of Service (DoS)

2017-01-26 03:18:38

K70844615 : OpenSSL vulnerability CVE-2016-6302

2016-12-08 00:00:00

SOL09422508 - OpenSSL vulnerabilities CVE-2016-6302, CVE-2016-6307, and CVE-2016-6308

2016-10-19 00:00:00

SOL22071504 - September 2016 OpenSSL security vulnerability announcement

2016-09-22 00:00:00

osv

CVE-2016-6302

2016-09-16 05:59:00

openssl - regression update

2016-09-22 00:00:00

openssl - security update

2016-09-22 00:00:00

ubuntucve

CVE-2016-6302

2016-09-16 00:00:00

alpinelinux

CVE-2016-6302

2016-09-16 05:59:12

cvelist

CVE-2016-6302

2016-09-16 00:00:00

nvd

CVE-2016-6302

2016-09-16 05:59:12

redhatcve

CVE-2016-6302

2019-10-10 04:54:26

debiancve

CVE-2016-6302

2016-09-16 05:59:12

openssl

Vulnerability in OpenSSL CVE-2016-6302

2016-08-23 00:00:00

ibm

Security Bulletin: Multiple vulnerabilities in OpenSSL affect SAN Volume Controller, Storwize family and FlashSystem V9000 products

2023-03-29 01:48:02

Security Bulletin: Multiple Vulnerabilities in Glibc, GNU C and OpenSSL affect IBM Netezza Firmware Diagnostics

2019-10-18 03:10:29

Security Bulletin: Vulnerabilities in OpenSSL affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems

2023-04-14 14:32:25

openvas

OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities (Sep 2016) - Linux

2016-09-26 00:00:00

OpenSSL 1.0.2 and 1.0.1 Multiple Vulnerabilities (Sep 2016) - Windows

2016-09-26 00:00:00

Huawei EulerOS: Security Advisory for openssl (EulerOS-SA-2016-1047)

2020-01-23 00:00:00

nessus

EulerOS 2.0 SP1 : openssl (EulerOS-SA-2016-1047)

2017-05-01 00:00:00

Amazon Linux AMI : openssl (ALAS-2016-755)

2016-10-13 00:00:00

Oracle Linux 6 / 7 : openssl (ELSA-2016-3621)

2023-09-07 00:00:00

redhat

(RHSA-2018:2187) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update

2018-07-12 16:04:13

(RHSA-2018:2186) Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update

2018-07-12 16:04:10

(RHSA-2016:1940) Important: openssl security update

2016-09-27 11:50:45

amazon

Medium: openssl

2016-10-12 17:00:00

suse

Security update for compat-openssl098 (important)

2016-10-06 20:09:29

Security update for openssl (important)

2016-10-05 18:09:41

Security update for compat-openssl098 (important)

2016-10-14 15:09:07

altlinux

Security fix for the ALT Linux 8 package openssl10 version 1.0.2i-alt1

2016-09-22 00:00:00

Security fix for the ALT Linux 10 package openssl1.1 version 1.0.2i-alt1

2016-09-22 00:00:00

Security fix for the ALT Linux 9 package openssl1.1 version 1.0.2i-alt1

2016-09-22 00:00:00

fedora

[SECURITY] Fedora 23 Update: openssl-1.0.2j-1.fc23

2016-10-11 23:24:05

[SECURITY] Fedora 25 Update: openssl-1.0.2j-1.fc25

2016-10-09 03:28:42

[SECURITY] Fedora 24 Update: openssl-1.0.2j-1.fc24

2016-09-28 01:57:16

cloudfoundry

USN-3087-2 OpenSSL Regression | Cloud Foundry

2016-09-28 00:00:00

oraclelinux

openssl security update

2016-09-27 00:00:00

centos

openssl security update

2016-09-28 14:48:04

freebsd_advisory

FreeBSD-SA-16:26.openssl

2016-09-23 00:00:00

ubuntu

OpenSSL vulnerabilities

2016-09-22 00:00:00

OpenSSL regression

2016-09-23 00:00:00

archlinux

[ASA-201609-24] lib32-openssl: multiple issues

2016-09-26 00:00:00

[ASA-201609-23] openssl: multiple issues

2016-09-26 00:00:00

debian

[SECURITY] [DSA 3673-1] openssl security update

2016-09-22 16:50:14

[SECURITY] [DLA 637-1] openssl security update

2016-09-25 11:55:01

mageia

Updated openssl packages fix security vulnerabilities

2016-10-12 01:12:20

Updated virtualbox packages fixes security vulnerabilities

2016-12-06 00:49:27

aix

Vulnerabilities in OpenSSL affect AIX

2016-11-14 13:29:26

arista

Security Advisory 0024

2016-10-04 00:00:00

freebsd

OpenSSL -- multiple vulnerabilities

2016-09-22 00:00:00

fortinet

OpenSSL Security Advisory [22 Sept 2016]

2017-04-03 00:00:00

slackware

[slackware-security] openssl

2016-09-22 18:53:12

symantec

SA132 : OpenSSL Vulnerabilities 22-Sep-2016 and 26-Sep-2016

2016-10-06 08:00:00

huawei

Security Advisory - Sixteen OpenSSL Vulnerabilities on Some Huawei products

2017-03-22 00:00:00

nodejsblog

Security updates for all active release lines, September 2016

2016-09-23 00:00:00

cisco

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016

2016-09-27 22:40:00

packetstorm

Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle

2017-07-14 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

EPSS

0.293

Percentile

96.9%

JSON

Related for H1:221787