CVE-2016-0704

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 0.9.8zf OpenSSL versions 1.0.0 prior to 1.0.0r OpenSSL versions 1.0.1 prior to 1.0.1m OpenSSL versions 1.0.2 prior to 1.0.2a

Description The issue is related to the get client master key function in the SSLv2 implementation, where an oracle protection mechanism incorrectly overwrites MASTER-KEY bytes during the use of export cipher suites. This makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle.

Recommendations For OpenSSL versions prior to 0.9.8zf, update to version 0.9.8zf or later. For OpenSSL versions 1.0.0 prior to 1.0.0r, update to version 1.0.0r or later. For OpenSSL versions 1.0.1 prior to 1.0.1m, update to version 1.0.1m or later. For OpenSSL versions 1.0.2 prior to 1.0.2a, update to version 1.0.2a or later.

Exploit

Fix

Information Disclosure

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-200

Related Identifiers

BDU:2016-00665

CESA-2015_0716

CESA-2016_0372

CVE-2016-0704

OPENSUSE-SU-2016_0628-1

OPENSUSE-SU-2016_0720-1

RHSA-2015:0715

RHSA-2015:0716

RHSA-2015:0752

RHSA-2015:0800

RHSA-2015_0715

RHSA-2015_0716

RHSA-2015_0800

RHSA-2016:0303

RHSA-2016:0304

RHSA-2016:0306

RHSA-2016:0372

RHSA-2016_0372

SUSE-SU-2016:0617-1

SUSE-SU-2016:0620-1

SUSE-SU-2016:0621-1

SUSE-SU-2016:0641-1

SUSE-SU-2016:0748-1

SUSE-SU-2016:0778-1

SUSE-SU-2016:0786-1

Affected Products

Centos

Cisco Nexus

Cisco Wls

Freebsd

Junos

Openssl

Red Hat

Suse

CVE-2016-0704

Weakness Enumeration

Related Identifiers

Affected Products

References · 157