Executive Summary

Informations
NameCVE-2016-2176First vendor Publication2016-05-04
VendorCveLast vendor Modification2018-07-18

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:P/I:N/A:P)
Cvss Base Score6.4Attack RangeNetwork
Cvss Impact Score4.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2176

CWE : Common Weakness Enumeration

%idName
100 %CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer

CPE : Common Platform Enumeration

TypeDescriptionCount
Application253

Nessus® Vulnerability Scanner

DateDescription
2017-03-22Name : A data aggregation application installed on the remote host is affected by mu...
File : lce_4_8_1.nasl - Type : ACT_GATHER_INFO
2016-12-07Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201612-16.nasl - Type : ACT_GATHER_INFO
2016-10-20Name : A web application installed on the remote host is affected by multiple vulner...
File : oracle_e-business_cpu_oct_2016.nasl - Type : ACT_GATHER_INFO
2016-07-21Name : The remote host is missing a Mac OS X security update that fixes multiple vul...
File : macosx_10_11_6.nasl - Type : ACT_GATHER_INFO
2016-07-20Name : An application installed on the remote host is affected by multiple vulnerabi...
File : virtualbox_5_0_22.nasl - Type : ACT_GATHER_INFO
2016-07-15Name : The remote AIX host has a version of OpenSSL installed that is affected by mu...
File : aix_openssl_advisory20.nasl - Type : ACT_GATHER_INFO
2016-07-14Name : A video conferencing application running on the remote host is affected by mu...
File : cisco_telepresence_vcs_multiple_880.nasl - Type : ACT_GATHER_INFO
2016-05-05Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3566.nasl - Type : ACT_GATHER_INFO
2016-05-04Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2016-124-01.nasl - Type : ACT_GATHER_INFO
2016-05-04Name : The remote Debian host is missing a security update.
File : debian_DLA-456.nasl - Type : ACT_GATHER_INFO
2016-05-04Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_01d729ca114311e6b55eb499baebfeaf.nasl - Type : ACT_GATHER_INFO
2016-05-04Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_1t.nasl - Type : ACT_GATHER_INFO
2016-05-04Name : The remote service is affected by multiple vulnerabilities.
File : openssl_1_0_2h.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
APPLE http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html
BID http://www.securityfocus.com/bid/89746
http://www.securityfocus.com/bid/91787
CISCO http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa...
CONFIRM http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
https://bto.bluecoat.com/security-advisory/sa123
https://git.openssl.org/?p=openssl.git;a=commit;h=2919516136a4227d9e6d8f2fe66...
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId...
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId...
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202
https://kc.mcafee.com/corporate/index?page=content&id=SB10160
https://security.netapp.com/advisory/ntap-20160504-0001/
https://support.apple.com/HT206903
https://www.openssl.org/news/secadv/20160503.txt
https://www.tenable.com/security/tns-2016-18
GENTOO https://security.gentoo.org/glsa/201612-16
MISC http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-opens...
SECTRACK http://www.securitytracker.com/id/1035721
SLACKWARE http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&...

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
DateInformations
2019-09-24 01:07:47
  • Multiple Updates
2018-08-10 12:05:48
  • Multiple Updates
2018-07-19 09:19:08
  • Multiple Updates
2017-11-10 09:23:02
  • Multiple Updates
2017-07-23 09:24:36
  • Multiple Updates
2017-06-09 09:23:20
  • Multiple Updates
2017-03-23 13:24:15
  • Multiple Updates
2017-03-01 09:24:08
  • Multiple Updates
2016-12-28 09:22:15
  • Multiple Updates
2016-12-08 13:25:11
  • Multiple Updates
2016-12-01 09:24:15
  • Multiple Updates
2016-11-29 00:26:02
  • Multiple Updates
2016-10-26 09:22:46
  • Multiple Updates
2016-10-22 13:25:18
  • Multiple Updates
2016-10-04 09:24:11
  • Multiple Updates
2016-08-09 09:24:08
  • Multiple Updates
2016-07-23 09:25:16
  • Multiple Updates
2016-07-22 13:38:25
  • Multiple Updates
2016-07-22 12:03:58
  • Multiple Updates
2016-07-18 13:25:13
  • Multiple Updates
2016-06-15 09:26:58
  • Multiple Updates
2016-06-04 05:25:46
  • Multiple Updates
2016-06-03 09:26:37
  • Multiple Updates
2016-05-06 21:34:07
  • Multiple Updates
2016-05-05 13:30:53
  • Multiple Updates
2016-05-05 09:29:47
  • First insertion