PT-2016-3386 · Openssl+11 · Openssl+14

Published

2016-09-21

·

Updated

2024-06-15

·

CVE-2016-6306

CVSS v2.0

7.1

High

VectorAV:N/AC:M/Au:N/C:N/I:N/A:C
Name of the Vulnerable Software and Affected Versions OpenSSL versions prior to 1.0.1u OpenSSL versions prior to 1.0.2i
Description The issue is related to a buffer over-read in the certificate parser of OpenSSL, which could allow remote attackers to cause a denial of service. This is achieved through crafted certificate operations, and it is related to the files s3 clnt.c and s3 srvr.c. The vulnerability can be exploited by remote attackers.
Recommendations For OpenSSL versions prior to 1.0.1u, update to version 1.0.1u or later. For OpenSSL versions prior to 1.0.2i, update to version 1.0.2i or later. As a temporary workaround, consider restricting the use of crafted certificate operations until a patch is available.

Exploit

Fix

DoS

Out of bounds Read

Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Weakness Enumeration

CWE-125

Related Identifiers

ALT-PU-2016-2005
ALT-PU-2016-2068
BDU:2022-02461
CESA-2016_1940
CVE-2016-6306
DLA-637-1
DSA-3673-1
MGASA-2016-0338
MGASA-2016-0408
OPENSUSE-SU-2016_2391-1
OPENSUSE-SU-2016_2407-1
OPENSUSE-SU-2016_2496-1
OPENSUSE-SU-2016_2537-1
OPENSUSE-SU-2018_0458-1
OPENSUSE-SU-2024:10247-1
OPENSUSE-SU-2024:10271-1
OPENSUSE-SU-2024:11127-1
RHSA-2016:1940
RHSA-2016_1940
RHSA-2018:2185
RHSA-2018:2186
SUSE-FU-2022:0445-1
SUSE-SU-2016:2387-1
SUSE-SU-2016:2394-1
SUSE-SU-2016:2458-1
SUSE-SU-2016:2468-1
SUSE-SU-2016:2469-1
SUSE-SU-2016:2470-1
SUSE-SU-2016:2470-2
SUSE-SU-2016:2545-1
SUSE-SU-2017:2699-1
SUSE-SU-2017:2700-1
SUSE-SU-2019:14246-1
SUSE-SU-2019_14246-1
USN-3087-1
USN-3087-2

Affected Products

Alt Linux
Centos
Cisco Asa
Cisco Ios Xe
Cisco Nexus
Cisco Wls
Fortios
Freebsd
Huawei Vrp
Junos
Nessus
Openssl
Red Hat
Suse
Ubuntu