Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
opensslOpenSSLOPENSSL:CVE-2016-0703
HistoryMar 01, 2016 - 12:00 a.m.

Vulnerability in OpenSSL - Divide-and-conquer session key recovery in SSLv2

2016-03-0100:00:00
www.openssl-library.org
40

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.8

Confidence

High

EPSS

0.477

Percentile

97.5%

JSON

This issue only affected versions of OpenSSL prior to March 19th 2015 at which time the code was refactored to address vulnerability CVE-2015-0293. s2_srvr.c did not enforce that clear-key-length is 0 for non-export ciphers. If clear-key bytes are present for these ciphers, they displace encrypted-key bytes. This leads to an efficient divide-and-conquer key recovery attack: if an eavesdropper has intercepted an SSLv2 handshake, they can use the server as an oracle to determine the SSLv2 master-key, using only 16 connections to the server and negligible computation. More importantly, this leads to a more efficient version of DROWN that is effective against non-export ciphersuites, and requires no significant computation.

Found by David Adrian and J.Alex Halderman (University of Michigan).

Affected configurations

Vulners
Node
opensslopensslRange0.9.80.9.8zf
OR
opensslopensslRange1.0.01.0.0r
OR
opensslopensslRange1.0.11.0.1m
OR
opensslopensslRange1.0.21.0.2a
VendorProductVersionCPE
opensslopenssl*cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*

Related

redhat 10
nessus 56
openvas 42
amazon 2
centos 3
veracode 3
cve 2
f5 4
prion 2
cvelist 2
thn 1
debiancve 2
openssl 3
ubuntucve 2
nvd 2
hackerone 1
oraclelinux 3
cloudfoundry 1
suse 15
checkpoint_advisories 1
ibm 25
paloalto 1
seebug 1
fedora 3
kitploit 1
nmap 1
altlinux 5
mageia 1
slackware 1
ubuntu 1
aix 1
debian 1
redhat
redhat
(RHSA-2016:0303) Important: openssl security update
2016-03-01 00:00:00
(RHSA-2016:0372) Important: openssl098e security update
2016-03-09 00:00:00
(RHSA-2016:0304) Important: openssl security update
2016-03-01 00:00:00
nessus
nessus
Scientific Linux Security Update : openssl098e on SL6.x, SL7.x i386/x86_64 (20160309) (DROWN)
2016-03-10 00:00:00
Amazon Linux AMI : openssl098e (ALAS-2016-682) (DROWN)
2016-04-07 00:00:00
CentOS 6 / 7 : openssl098e (CESA-2016:0372) (DROWN)
2016-03-09 00:00:00
openvas
openvas
CentOS Update for openssl098e CESA-2016:0372 centos7
2016-03-10 00:00:00
CentOS Update for openssl098e CESA-2016:0372 centos6
2016-03-10 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-682)
2016-05-09 00:00:00
amazon
amazon
Important: openssl098e
2016-04-06 14:40:00
Medium: openssl
2015-03-23 13:42:00
centos
centos
openssl098e security update
2016-03-09 05:32:33
openssl security update
2015-03-23 21:19:50
openssl security update
2015-04-14 11:25:52
veracode
veracode
Information Disclosure
2017-02-06 02:50:41
Denial Of Service (DoS)
2019-01-15 09:10:17
Denial Of Service (DoS)
2017-01-26 06:43:37
cve
cve
CVE-2015-0293
2015-03-19 22:59:11
CVE-2016-0703
2016-03-02 11:59:00
f5
f5
SOL16321 - OpenSSL vulnerability CVE-2015-0293
2015-04-02 00:00:00
K16321 : OpenSSL vulnerability CVE-2015-0293
2015-10-05 00:00:00
K95463126 : OpenSSL vulnerabilities CVE-2016-0703 and CVE-2016-0704
2016-03-10 00:00:00
prion
prion
Design/Logic Flaw
2015-03-19 22:59:00
Sql injection
2016-03-02 11:59:00
cvelist
cvelist
CVE-2015-0293
2015-03-19 00:00:00
CVE-2016-0703
2016-03-02 00:00:00
thn
thn
DROWN Attack — More than 11 Million OpenSSL HTTPS Websites at Risk
2016-03-01 07:11:00
debiancve
debiancve
CVE-2015-0293
2015-03-19 22:59:11
CVE-2016-0703
2016-03-02 11:59:00
openssl
openssl
Vulnerability in OpenSSL - DoS via reachable assert in SSLv2 servers
2015-03-19 00:00:00
Vulnerability in OpenSSL - Bleichenbacher oracle in SSLv2
2016-03-01 00:00:00
Vulnerability in OpenSSL - Cross-protocol attack on TLS using SSLv2 (DROWN)
2016-03-01 00:00:00
ubuntucve
ubuntucve
CVE-2015-0293
2015-03-17 00:00:00
CVE-2016-0703
2016-03-01 00:00:00
nvd
nvd
CVE-2015-0293
2015-03-19 22:59:11
CVE-2016-0703
2016-03-02 11:59:00
hackerone
hackerone
Internet Bug Bounty: Divide-and-conquer session key recovery in SSLv2 (CVE-2016-0703)
2016-05-12 05:53:22
oraclelinux
oraclelinux
openssl098e security update
2016-03-09 00:00:00
openssl security update
2015-03-23 00:00:00
openssl security and bug fix update
2015-03-23 00:00:00
cloudfoundry
cloudfoundry
CVE-2016-0800 & CVE-2016-0703 OpenSSL vulnerabilities | Cloud Foundry
2016-03-02 00:00:00
suse
suse
Security update for openssl (important)
2016-03-11 14:14:22
Security update for openssl (important)
2016-03-03 15:11:31
Security update for compat-openssl097g (important)
2016-03-02 18:12:06
checkpoint_advisories
checkpoint_advisories
Secure Sockets Layer (SSL) Version 2.0 (CVE-2016-0703; CVE-2016-0704; CVE-2016-0800)
2014-03-18 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in OpenSSL affect IBM Enterprise Content Management System Monitor
2018-06-17 12:15:53
Security Bulletin: Vulnerabilities in OpenSSL affect Rational ClearCase (CVE-2015-0209, CVE-2015-0286, CVE-2015-0288, CVE-2015-0293)
2018-07-10 08:34:12
Security Bulletin: Vulnerabilities in OpenSSL affect Rational ClearQuest (CVE-2015-0209, CVE-2015-0286, CVE-2015-0288, CVE-2015-0293)
2018-06-17 05:01:59
paloalto
paloalto
OpenSSL Vulnerabilities
2016-10-18 00:00:00
seebug
seebug
Cross-protocol attack on TLS using SSLv2 (DROWN) (CVE-2016-0800)
2016-03-02 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: mingw-openssl-1.0.2a-1.fc22
2015-05-01 16:42:54
[SECURITY] Fedora 21 Update: mingw-openssl-1.0.2a-1.fc21
2015-05-04 15:27:35
[SECURITY] Fedora 21 Update: openssl-1.0.1k-6.fc21
2015-03-22 04:40:24
kitploit
kitploit
Git-Vuln-Finder - Finding Potential Software Vulnerabilities From Git Commit Messages
2020-01-08 20:35:00
nmap
nmap
sslv2-drown NSE Script
2016-07-07 16:35:39
altlinux
altlinux
Security fix for the ALT Linux 9 package openssl1.1 version 1.0.1k-alt2
2015-03-19 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.1k-alt2
2015-03-19 00:00:00
Security fix for the ALT Linux 7 package openssl10 version 1.0.1k-alt2
2015-03-19 00:00:00
mageia
mageia
Updated openssl packages fix security vulnerabilities
2015-03-19 19:47:16
slackware
slackware
[slackware-security] openssl
2015-04-22 01:22:19
ubuntu
ubuntu
OpenSSL vulnerabilities
2015-03-19 00:00:00
aix
aix
Multiple Security vulnerabilities in AIX OpenSSL
2015-04-13 05:07:43
debian
debian
[SECURITY] [DLA 177-1] openssl security update
2015-03-20 21:40:47

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

AI Score

6.8

Confidence

High

EPSS

0.477

Percentile

97.5%

JSON
Related for OPENSSL:CVE-2016-0703
redhat10nessus56openvas42amazon2centos3veracode3cve2f54prion2cvelist2thn1debiancve2openssl3ubuntucve2nvd2hackerone1oraclelinux3cloudfoundry1suse15checkpoint_advisories1ibm25paloalto1seebug1fedora3kitploit1nmap1altlinux5mageia1slackware1ubuntu1aix1debian1