PT-2016-1330 · Openssl+6 · Openssl+7
David Adrian +1 · Published 2015-03-23 · Updated 2022-12-13 · CVE-2016-0703
CVSS v3.1: 5.9 Medium
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
OpenSSL versions prior to 0.9.8zf
OpenSSL versions prior to 1.0.0r
OpenSSL versions prior to 1.0.1m
OpenSSL versions prior to 1.0.2a
Description
The issue allows man-in-the-middle attackers to determine the MASTER-KEY value and decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle. It stems from the get_client_master_key function in s2_srvr.c in the SSLv2 implementation, which accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH value for an arbitrary cipher.
Recommendations
For versions prior to 0.9.8zf, update to version 0.9.8zf or later.
For versions prior to 1.0.0r, update to version 1.0.0r or later.
For versions prior to 1.0.1m, update to version 1.0.1m or later.
For versions prior to 1.0.2a, update to version 1.0.2a or later.
Exploit
Fix
Information Disclosure
Weakness Enumeration
Related Identifiers
Affected Products
CentOS
Cisco Nexus
Cisco Wls
FreeBSD
Junos
OpenSSL
Red Hat
SUSE