Page 9 of 50 results (0.014 seconds)

CVSS: 7.5EPSS: 4%CPEs: 22EXPL: 0

CVE-2017-3731 – Truncated packet could crash via OOB read

https://notcve.org/view.php?id=CVE-2017-3731

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1.0.2, the crash can be triggered when using RC4-MD5; users who have not disabled that algorithm should update to 1.0.2k. Si un servidor o cliente SSL/TLS se ejecuta en un host de 32 bits y se utiliza un cifrador específico, un paquete truncado puede dar lugar a que el servidor o el cliente realicen una lectura fuera de límites que, normalmente, provoca un cierre inesperado En OpenSSL 1.1.0, el cierre inesperado se puede desencadenar cuando se usa CHACHA20/POLY1305 An integer underflow leading to an out of bounds read flaw was found in OpenSSL. A remote attacker could possibly use this flaw to crash a 32-bit TLS/SSL server or client using OpenSSL if it used the RC4-MD5 cipher suite. • http://rhn.redhat.com/errata/RHSA-2017-0286.html http://www.debian.org/security/2017/dsa-3773 http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/95813 http://www.securitytracker.com/id/1037717 https://access.redhat.com/errata/RHSA-2018:2185 https://access.redhat.com/errata/RHSA-2018 • CWE-125: Out-of-bounds Read •

CVSS: 5.9EPSS: 0%CPEs: 21EXPL: 0

CVE-2017-3732 – BN_mod_exp may produce incorrect results on x86_64

https://notcve.org/view.php?id=CVE-2017-3732

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible (although very difficult) because most of the work necessary to deduce information about a private key may be performed offline. The amount of resources required for such an attack would be very significant and likely only accessible to a limited number of attackers. • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/95814 http://www.securitytracker.com/id/1037717 https://access.redhat.com/errata/RHSA-2018:2185 https://access.redhat.com/errata/RHSA-2018:2186 https://access.redhat.com/errata/RHSA-2018:2187 https://access.redhat.com/errata/RHSA-2018:2 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.9EPSS: 0%CPEs: 7EXPL: 0

CVE-2016-7055 – openssl: Carry propagating bug in Montgomery multiplication

https://notcve.org/view.php?id=CVE-2016-7055

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker's direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. • http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.com/bid/94242 http://www.securitytracker.com/id/1037261 https://access.redhat.com/errata/RHSA-2018:2185 https://access.redhat.com/errata/RHSA-2018:2186 https://access.redhat.com/errata/RHSA-2018:2187 https://h20566.www2.hpe.com/hpsc/doc/public • CWE-682: Incorrect Calculation •

CVSS: 7.5EPSS: 78%CPEs: 3EXPL: 0

CVE-2016-7053 – CMS Null dereference

https://notcve.org/view.php?id=CVE-2016-7053

In OpenSSL 1.1.0 before 1.1.0c, applications parsing invalid CMS structures can crash with a NULL pointer dereference. This is caused by a bug in the handling of the ASN.1 CHOICE type in OpenSSL 1.1.0 which can result in a NULL value being passed to the structure callback if an attempt is made to free certain invalid encodings. Only CHOICE structures using a callback which do not handle NULL value are affected. En OpenSSL 1.1.0 anterior a 1.1.0c, las aplicaciones que analizan estructuras CMS inválidas pueden dejar de dar servicio por una referencia a puntero nulo. Esto se produce por un fallo en la gestión del tipo ASN.1 CHOICE en OpenSSL 1.1.0, lo que puede derivar en que un valor NULL sea enviado a la devolución de la llamada si se intenta utilizar varias codificaciones inválidas. • http://www.securityfocus.com/bid/94244 http://www.securitytracker.com/id/1037261 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03744en_us https://www.openssl.org/news/secadv/20161110.txt • CWE-476: NULL Pointer Dereference •

CVSS: 7.5EPSS: 89%CPEs: 3EXPL: 1

CVE-2016-7054 – ChaCha20/Poly1305 heap-buffer-overflow

https://notcve.org/view.php?id=CVE-2016-7054

In OpenSSL 1.1.0 before 1.1.0c, TLS connections using *-CHACHA20-POLY1305 ciphersuites are susceptible to a DoS attack by corrupting larger payloads. This can result in an OpenSSL crash. This issue is not considered to be exploitable beyond a DoS. En OpenSSL 1.1.0 anterior a 1.1.0c, las conexiones TLS que utilizan *-CHACHA20-POLY1305 ciphersuites pueden ser víctimas de una denegación de servicio si se corrompe el payload. Esto puede derivar la caída de OpenSSL. • https://www.exploit-db.com/exploits/40899 http://www.securityfocus.com/bid/94238 http://www.securitytracker.com/id/1037261 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03744en_us https://www.openssl.org/news/secadv/20161110.txt • CWE-284: Improper Access Control •