Lucene search
RedHatRHSA-2016:1137HistoryMay 31, 2016 - 12:00 a.m.
(RHSA-2016:1137) Important: openssl security update
2016-05-3100:00:00
access.redhat.com
78
EPSS
0.895
Percentile
98.8%
OpenSSL is a toolkit that implements the Secure Sockets Layer (SSL) and
Transport Layer Security (TLS) protocols, as well as a full-strength
general-purpose cryptography library.
Security Fix(es):
- A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An
attacker could use this flaw to create a specially crafted certificate which,
when verified or re-encoded by OpenSSL, could cause it to crash, or execute
arbitrary code using the permissions of the user running an application compiled
against the OpenSSL library. (CVE-2016-2108)
Red Hat would like to thank the OpenSSL project for reporting this issue.
Upstream acknowledges Huzaifa Sidhpurwala (Red Hat), Hanno Bock, and David
Benjamin (Google) as the original reporters.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 5 | ppc64 | openssl-devel | < 0.9.8e-40.el5_11 | openssl-devel-0.9.8e-40.el5_11.ppc64.rpm |
| RedHat | 5 | s390 | openssl-debuginfo | < 0.9.8e-40.el5_11 | openssl-debuginfo-0.9.8e-40.el5_11.s390.rpm |
| RedHat | 5 | ppc64 | openssl-debuginfo | < 0.9.8e-40.el5_11 | openssl-debuginfo-0.9.8e-40.el5_11.ppc64.rpm |
| RedHat | 5 | src | openssl | < 0.9.8e-40.el5_11 | openssl-0.9.8e-40.el5_11.src.rpm |
| RedHat | 5 | ppc | openssl-perl | < 0.9.8e-40.el5_11 | openssl-perl-0.9.8e-40.el5_11.ppc.rpm |
| RedHat | 5 | s390 | openssl | < 0.9.8e-40.el5_11 | openssl-0.9.8e-40.el5_11.s390.rpm |
| RedHat | 5 | x86_64 | openssl | < 0.9.8e-40.el5_11 | openssl-0.9.8e-40.el5_11.x86_64.rpm |
| RedHat | 5 | ia64 | openssl | < 0.9.8e-40.el5_11 | openssl-0.9.8e-40.el5_11.ia64.rpm |
| RedHat | 5 | ppc64 | openssl | < 0.9.8e-40.el5_11 | openssl-0.9.8e-40.el5_11.ppc64.rpm |
| RedHat | 5 | i386 | openssl-perl | < 0.9.8e-40.el5_11 | openssl-perl-0.9.8e-40.el5_11.i386.rpm |
Related
intel
intel
Multiple Intel Software Products impacted by CVE-2016-2108
2016-12-12 00:00:00
nessus
nessus
OpenSSL 1.0.2 < 1.0.2c Vulnerability
2016-05-04 00:00:00
Arista Networks EOS ASN.1 Encoder RCE (SA0020)
2018-02-28 00:00:00
Scientific Linux Security Update : openssl on SL5.x i386/x86_64 (20160531)
2016-06-01 00:00:00
ibm
ibm
Security Bulletin: Vulnerability in OpenSSL affects IBM Flex System FC5022 16Gb SAN Scalable Switch and IBM Flex System EN4023 10Gb Scalable Switch (CVE-2016-2108)
2019-01-31 02:25:02
openvas
openvas
OpenSSL Multiple Vulnerabilities-02 (May 2016) - Windows
2016-05-10 00:00:00
CentOS Update for openssl CESA-2016:1137 centos5
2016-06-03 00:00:00
RedHat Update for openssl RHSA-2016:1137-01
2016-06-03 00:00:00
veracode
veracode
Arbitrary Code Execution Or Denial Of Service (DoS)
2019-01-15 09:11:39
Arbitrary Code Execution Or Denial Of Service (DoS)
2017-01-26 09:01:29
cvelist
cvelist
CVE-2016-2108
2016-05-05 00:00:00
ubuntucve
ubuntucve
CVE-2016-2108
2016-05-03 00:00:00
f5
f5
SOL75152412 - OpenSSL vulnerability CVE-2016-2108
2016-05-19 00:00:00
K75152412 : OpenSSL vulnerability CVE-2016-2108
2016-05-19 00:00:00
SOL07538415 - Multiple OpenSSL vulnerabilities
2016-05-03 00:00:00
cve
cve
CVE-2016-2108
2016-05-05 01:59:04
seebug
seebug
OpenSSL Memory corruption in the ASN.1 encoder (CVE-2016-2108)
2016-05-04 00:00:00
redhatcve
redhatcve
CVE-2016-2108
2016-05-03 14:48:40
android
android
CVE-2016-2108
2018-07-01 00:00:00
centos
centos
openssl security update
2016-05-31 12:09:14
openssl security update
2016-05-16 10:25:52
openssl security update
2016-05-09 08:40:50
prion
prion
Memory corruption
2016-05-05 01:59:00
nvd
nvd
CVE-2016-2108
2016-05-05 01:59:04
openssl
openssl
Vulnerability in OpenSSL - Memory corruption in the ASN.1 encoder
2016-05-03 00:00:00
debiancve
debiancve
CVE-2016-2108
2016-05-05 01:59:04
citrix
citrix
Citrix XenServer 7.2 Multiple Security Updates
2018-03-29 04:00:00
thn
thn
High-Severity OpenSSL Vulnerability allows Hackers to Decrypt HTTPS Traffic
2016-05-04 23:31:00
threatpost
threatpost
July 2016 Android Security Bulletin
2016-07-06 14:00:58
fedora
fedora
[SECURITY] Fedora 22 Update: openssl-1.0.1k-15.fc22
2016-05-10 17:58:11
[SECURITY] Fedora 23 Update: openssl-1.0.2h-1.fc23
2016-05-04 18:54:36
[SECURITY] Fedora 24 Update: openssl-1.0.2h-1.fc24
2016-05-07 12:15:14
suse
suse
Security update for compat-openssl097g (important)
2016-05-04 18:08:19
Security update for openssl (important)
2016-05-19 19:09:52
Security update for openssl (important)
2016-05-05 13:07:36
oraclelinux
oraclelinux
openssl security update
2016-05-31 00:00:00
openssl security update
2016-05-13 00:00:00
openssl security update
2016-05-09 00:00:00
cloudfoundry
cloudfoundry
USN-2959-1 OpenSSL vulnerabilities | Cloud Foundry
2016-05-06 00:00:00
aix
aix
Vulnerabilities in OpenSSL affect AIX
2016-07-12 14:14:43
amazon
amazon
Important: openssl
2016-05-03 10:30:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2016-05-03 00:00:00
osv
osv
openssl - security update
2016-05-03 00:00:00
openssl - security update
2016-05-03 00:00:00
debian
debian
[SECURITY] [DSA 3566-1] openssl security update
2016-05-03 18:24:21
[SECURITY] [DLA 456-1] openssl security update
2016-05-03 20:53:46
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016
2016-05-04 19:30:00
redhat
redhat
(RHSA-2017:0193) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 6
2017-01-25 19:53:04
(RHSA-2017:0194) Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7
2017-01-25 19:53:20
(RHSA-2016:2073) Important: openssl security update
2016-10-18 06:21:20
arista
arista
Security Advisory 0020
2016-05-06 00:00:00
huawei
huawei
Security Advisory - Multiple Vulnerabilities in OpenSSL in May 2016
2016-07-06 00:00:00
fortinet
fortinet
OpenSSL Advisory - May 2016
2016-09-22 00:00:00
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2016-05-03 00:00:00
slackware
slackware
[slackware-security] openssl
2016-05-03 21:05:31
symantec
symantec
SA123 : OpenSSL Vulnerabilities 3-May-2016
2016-05-09 08:00:00