7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.605 Medium
EPSS
Percentile
97.8%
Guido Vranken discovered that OpenSSL uses undefined pointer arithmetic (CVE-2016-2177). Cesar Pereida, Billy Brumley and Yuval Yarom discovered a timing leak in the DSA code (CVE-2016-2178). Quan Luo and the OCAP audit team discovered denial of service vulnerabilities in DTLS (CVE-2016-2179, CVE-2016-2181). Shi Lei discovered an out-of-bounds memory read in TS_OBJ_print_bio() and an out-of-bounds write in BN_bn2dec() and MDC2_Update() (CVE-2016-2180, CVE-2016-2182, CVE-2016-6303). DES-based cipher suites are demoted from the HIGH group to MEDIUM as a mitigation for the SWEET32 attack (CVE-2016-2183). Shi Lei discovered that the use of SHA512 in TLS session tickets is susceptible to denial of service (CVE-2016-6302). Shi Lei discovered that excessively large OCSP status request may result in denial of service via memory exhaustion (CVE-2016-6304). Shi Lei discovered that missing message length validation when parsing certificates may potentially result in denial of service (CVE-2016-6306).
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Mageia | 5 | noarch | openssl | < 1.0.2j-1 | openssl-1.0.2j-1.mga5 |
7.8 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.605 Medium
EPSS
Percentile
97.8%