CVSS: 5.3EPSS: 2%CPEs: 102EXPL: 0CVE-2017-3735 – openssl: Malformed X.509 IPAdressFamily could cause OOB read
https://notcve.org/view.php?id=CVE-2017-3735
While parsing an IPAddressFamily extension in an X.509 certificate, it is possible to do a one-byte overread. This would result in an incorrect text display of the certificate. This bug has been present since 2006 and is present in all versions of OpenSSL before 1.0.2m and 1.1.0g. Al analizar una extensión IPAddressFamily en un certificado X.509, es posible realizar una sobrelectura de un bit. Esto tendría como resultado que el texto del certificado se muestre de forma incorrecta. • http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html http://www.securityfocus.com/bid/100515 http://www.securitytracker.com/id/1039726 https://access.redhat.com/errata/RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3505 https://cert-portal.siem • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-125: Out-of-bounds Read •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 1CVE-2016-7798
https://notcve.org/view.php?id=CVE-2016-7798
The openssl gem for Ruby uses the same initialization vector (IV) in GCM Mode (aes-*-gcm) when the IV is set before the key, which makes it easier for context-dependent attackers to bypass the encryption protection mechanism. La openssl gem para Ruby utiliza el mismo vector de inicialización (IV) en el modo GCM (aes - * - gcm) cuando el IV se establece en versiones anteriores a la clave, lo que facilita que los atacantes dependiendo del contexto eludan el mecanismo de protección del cifrado. • http://www.openwall.com/lists/oss-security/2016/09/19/9 http://www.openwall.com/lists/oss-security/2016/09/30/6 http://www.openwall.com/lists/oss-security/2016/10/01/2 http://www.securityfocus.com/bid/93031 https://github.com/ruby/openssl/commit/8108e0a6db133f3375608303fdd2083eb5115062 https://github.com/ruby/openssl/issues/49 https://lists.debian.org/debian-lts-announce/2018/07/msg00012.html https://www.debian.org/security/2017/dsa-3966 • CWE-326: Inadequate Encryption Strength •
CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0CVE-2016-7056 – openssl: ECDSA P-256 timing attack key recovery
https://notcve.org/view.php?id=CVE-2016-7056
A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys. Se ha encontrado un error de ataque de sincronización en OpenSSL, en versiones 1.0.1u y anteriores, que podría permitir que un usuario malicioso con acceso local recupere claves privadas ECDSA P-256 A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys. • http://rhn.redhat.com/errata/RHSA-2017-1415.html http://www.securityfocus.com/bid/95375 http://www.securitytracker.com/id/1037575 https://access.redhat.com/errata/RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1414 https://access.redhat.com/errata/RHSA-2017:1801 https://access.redhat.com/errata/RHSA-2017:1802 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7056 https://eprint.iacr.org/2016/1195 https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/ • CWE-320: Key Management Errors CWE-385: Covert Timing Channel •
CVSS: 8.2EPSS: 65%CPEs: 12EXPL: 0CVE-2016-2176
https://notcve.org/view.php?id=CVE-2016-2176
The X509_NAME_oneline function in crypto/x509/x509_obj.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to obtain sensitive information from process stack memory or cause a denial of service (buffer over-read) via crafted EBCDIC ASN.1 data. La función X509_NAME_oneline en crypto/x509/x509_obj.c en OpenSSL en versiones anteriores a 1.0.1t y 1.0.2 en versiones anteriores a 1.0.2h permite a atacantes remotos obtener información sensible de la pila de memoria de proceso o provocar una denegación de servicio (sobrelectura de buffer) a través de datos EBCDIC ASN.1 manipulados. • http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.html http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-openssl http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/topics& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.5EPSS: 33%CPEs: 23EXPL: 0CVE-2016-2106 – openssl: EVP_EncryptUpdate overflow
https://notcve.org/view.php?id=CVE-2016-2106
Integer overflow in the EVP_EncryptUpdate function in crypto/evp/evp_enc.c in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows remote attackers to cause a denial of service (heap memory corruption) via a large amount of data. Desbordamiento de entero en la función EVP_EncryptUpdate en crypto/evp/evp_enc.c en OpenSSL en versiones anteriores a 1.0.1t y 1.0.2 en versiones anteriores a 1.0.2h permite a atacantes remotos provocar una denegación de servicio (corrupción de memoria dinámica) a través de una gran cantidad de datos. An integer overflow flaw, leading to a buffer overflow, was found in the way the EVP_EncryptUpdate() function of OpenSSL parsed very large amounts of input data. A remote attacker could use this flaw to crash an application using OpenSSL or, possibly, execute arbitrary code with the permissions of the user running that application. • http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://lists.apple.com/archives/security-announce/2016/Jul/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2016-05/ • CWE-122: Heap-based Buffer Overflow CWE-189: Numeric Errors •