Executive Summary

Informations
NameCVE-2016-9243First vendor Publication2017-03-27
VendorCveLast vendor Modification2017-04-04

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:L/Au:N/C:N/I:P/A:N)
Cvss Base Score5Attack RangeNetwork
Cvss Impact Score2.9Attack ComplexityLow
Cvss Expoit Score10AuthenticationNone Required
Calculate full CVSS 2.0 Vectors scores

Detail

HKDF in cryptography before 1.5.2 returns an empty byte-string if used with a length less than algorithm.digest_size.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9243

CWE : Common Weakness Enumeration

%idName
100 %CWE-20Improper Input Validation

CPE : Common Platform Enumeration

TypeDescriptionCount
Application1
Os2
Os3

Nessus® Vulnerability Scanner

DateDescription
2016-12-05Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_e5dcb942ba6f11e6b1cf14dae9d210b8.nasl - Type : ACT_GATHER_INFO
2016-11-29Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-3138-1.nasl - Type : ACT_GATHER_INFO
2016-11-22Name : The remote Fedora host is missing one or more security updates.
File : fedora_2016-d3a2b640ce.nasl - Type : ACT_GATHER_INFO
2016-11-21Name : The remote Fedora host is missing one or more security updates.
File : fedora_2016-2d90e27e50.nasl - Type : ACT_GATHER_INFO
2016-11-21Name : The remote Fedora host is missing one or more security updates.
File : fedora_2016-e77c8c1f3b.nasl - Type : ACT_GATHER_INFO

Sources (Detail)

SourceUrl
BID http://www.securityfocus.com/bid/94216
CONFIRM https://cryptography.io/en/latest/changelog
https://github.com/pyca/cryptography/commit/b924696b2e8731f39696584d12cceeb3a...
https://github.com/pyca/cryptography/issues/3211
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedorapr...
MLIST http://www.openwall.com/lists/oss-security/2016/11/09/2
UBUNTU http://www.ubuntu.com/usn/USN-3138-1

Alert History

If you want to see full details history, please login or register.
0
1
2
DateInformations
2018-06-14 12:05:08
  • Multiple Updates
2017-04-04 21:23:26
  • Multiple Updates
2017-03-27 21:21:13
  • First insertion