// For flags

CVE-2016-0797

OpenSSL: BN_hex2bn/BN_dec2bn NULL pointer deref/heap corruption

Severity Score

7.5
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Multiple integer overflows in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g allow remote attackers to cause a denial of service (heap memory corruption or NULL pointer dereference) or possibly have unspecified other impact via a long digit string that is mishandled by the (1) BN_dec2bn or (2) BN_hex2bn function, related to crypto/bn/bn.h and crypto/bn/bn_print.c.

Múltiples desbordamientos de entero en OpenSSL 1.0.1 en versiones anteriores a 1.0.1s y 1.0.2 en versiones anteriores a 1.0.2g permiten a atacantes remotos causar una denegación de servicio (corrupción de memoria dinámica o referencia a puntero NULL) o posiblemente tener otro impacto no especificado a través de una cadena de dígitos de gran tamaño que no es manejada correctamente por la función (1) BN_dec2bn o (2) BN_hex2bn, relacionada con crypto/bn/bn.h y crypto/bn/bn_print.c.

An integer overflow flaw, leading to a NULL pointer dereference or a heap-based memory corruption, was found in the way some BIGNUM functions of OpenSSL were implemented. Applications that use these functions with large untrusted input could crash or, potentially, execute arbitrary code.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
Attack Vector
Network
Attack Complexity
Medium
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-12-16 CVE Reserved
  • 2016-03-01 CVE Published
  • 2024-08-05 CVE Updated
  • 2024-11-08 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
CAPEC
References (46)
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html 2023-11-07
http://marc.info/?l=bugtraq&m=145889460330120&w=2 2023-11-07
http://openssl.org/news/secadv/20160301.txt 2023-11-07
http://rhn.redhat.com/errata/RHSA-2016-2957.html 2023-11-07
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl 2023-11-07
http://www.debian.org/security/2016/dsa-3500 2023-11-07
http://www.ubuntu.com/usn/USN-2914-1 2023-11-07
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc 2023-11-07
https://security.gentoo.org/glsa/201603-15 2023-11-07
https://www.openssl.org/news/secadv/20160301.txt 2023-11-07
https://access.redhat.com/security/cve/CVE-2016-0797 2016-12-15
https://bugzilla.redhat.com/show_bug.cgi?id=1311880 2016-12-15
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1
Search vendor "Openssl" for product "Openssl" and version "1.0.1"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1
Search vendor "Openssl" for product "Openssl" and version "1.0.1"
beta1
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1
Search vendor "Openssl" for product "Openssl" and version "1.0.1"
beta2
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1
Search vendor "Openssl" for product "Openssl" and version "1.0.1"
beta3
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1a
Search vendor "Openssl" for product "Openssl" and version "1.0.1a"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1b
Search vendor "Openssl" for product "Openssl" and version "1.0.1b"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1c
Search vendor "Openssl" for product "Openssl" and version "1.0.1c"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1d
Search vendor "Openssl" for product "Openssl" and version "1.0.1d"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1e
Search vendor "Openssl" for product "Openssl" and version "1.0.1e"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1f
Search vendor "Openssl" for product "Openssl" and version "1.0.1f"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1g
Search vendor "Openssl" for product "Openssl" and version "1.0.1g"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1h
Search vendor "Openssl" for product "Openssl" and version "1.0.1h"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1i
Search vendor "Openssl" for product "Openssl" and version "1.0.1i"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1j
Search vendor "Openssl" for product "Openssl" and version "1.0.1j"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1k
Search vendor "Openssl" for product "Openssl" and version "1.0.1k"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1l
Search vendor "Openssl" for product "Openssl" and version "1.0.1l"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1m
Search vendor "Openssl" for product "Openssl" and version "1.0.1m"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1n
Search vendor "Openssl" for product "Openssl" and version "1.0.1n"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1o
Search vendor "Openssl" for product "Openssl" and version "1.0.1o"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1p
Search vendor "Openssl" for product "Openssl" and version "1.0.1p"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1q
Search vendor "Openssl" for product "Openssl" and version "1.0.1q"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1r
Search vendor "Openssl" for product "Openssl" and version "1.0.1r"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2
Search vendor "Openssl" for product "Openssl" and version "1.0.2"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2
Search vendor "Openssl" for product "Openssl" and version "1.0.2"
beta1
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2
Search vendor "Openssl" for product "Openssl" and version "1.0.2"
beta2
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2
Search vendor "Openssl" for product "Openssl" and version "1.0.2"
beta3
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2a
Search vendor "Openssl" for product "Openssl" and version "1.0.2a"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2b
Search vendor "Openssl" for product "Openssl" and version "1.0.2b"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2c
Search vendor "Openssl" for product "Openssl" and version "1.0.2c"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2d
Search vendor "Openssl" for product "Openssl" and version "1.0.2d"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2e
Search vendor "Openssl" for product "Openssl" and version "1.0.2e"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2f
Search vendor "Openssl" for product "Openssl" and version "1.0.2f"
-
Affected
Nodejs
Search vendor "Nodejs"
Node.js
Search vendor "Nodejs" for product "Node.js"
>= 4.0.0 < 4.1.2
Search vendor "Nodejs" for product "Node.js" and version " >= 4.0.0 < 4.1.2"
-
Affected
Nodejs
Search vendor "Nodejs"
Node.js
Search vendor "Nodejs" for product "Node.js"
>= 4.2.0 < 4.3.2
Search vendor "Nodejs" for product "Node.js" and version " >= 4.2.0 < 4.3.2"
lts
Affected
Nodejs
Search vendor "Nodejs"
Node.js
Search vendor "Nodejs" for product "Node.js"
>= 5.0.0 < 5.7.1
Search vendor "Nodejs" for product "Node.js" and version " >= 5.0.0 < 5.7.1"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
12.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"
-
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
14.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"
esm
Affected
Canonical
Search vendor "Canonical"
Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
15.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "15.10"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
7.0
Search vendor "Debian" for product "Debian Linux" and version "7.0"
-
Affected
Debian
Search vendor "Debian"
Debian Linux
Search vendor "Debian" for product "Debian Linux"
8.0
Search vendor "Debian" for product "Debian Linux" and version "8.0"
-
Affected