// For flags

CVE-2016-2177

openssl: Possible integer overflow vulnerabilities in codebase

Severity Score

9.8
*CVSS v3

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.

OpenSSL hasta la versión 1.0.2h no utiliza correctamente la aritmética de puntero para comprobaciones de límites de buffer de memoria dinámica, lo que podría permitir a atacantes remotos provocar una denegación de servicio (desbordamiento de entero y caída de aplicación) o posiblemente tener otro impacto no especificado aprovechando un comportamiento malloc no esperado, relacionado con s3_srvr.c, ssl_sess.c, y t1_lib.c.

Multiple integer overflow flaws were found in the way OpenSSL performed pointer arithmetic. A remote attacker could possibly use these flaws to cause a TLS/SSL server or client using OpenSSL to crash.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
None
Integrity
None
Availability
Partial
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2016-01-29 CVE Reserved
  • 2016-06-20 CVE Published
  • 2024-04-12 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-190: Integer Overflow or Wraparound
CAPEC
References (65)
URL Tag Source
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 Third Party Advisory
http://seclists.org/fulldisclosure/2017/Jul/31 Mailing List
http://www-01.ibm.com/support/docview.wss?uid=swg21995039 Third Party Advisory
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en
http://www.openwall.com/lists/oss-security/2016/06/08/9 Mailing List
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html Third Party Advisory
http://www.securityfocus.com/archive/1/540957/100/0/threaded Mailing List
http://www.securityfocus.com/archive/1/archive/1/540957/100/0/threaded Mailing List
http://www.securityfocus.com/bid/91319 Third Party Advisory
http://www.securitytracker.com/id/1036088 Third Party Advisory
http://www.splunk.com/view/SP-CAAAPSV Third Party Advisory
http://www.splunk.com/view/SP-CAAAPUE Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa132 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=a004e72b95835136d3f1ea90517f706c24c03da7
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03763en_us
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448 Third Party Advisory
https://ics-cert.us-cert.gov/advisories/ICSA-18-144-01
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312 Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10165 Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10215
https://support.f5.com/csp/article/K23873366
https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03856en_us
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us
https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24
https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9134-vulnerabilities-within-schneider-electric-floating-license-manager
https://www.schneider-electric.com/en/download/document/SEVD-2018-137-01
https://www.schneider-electric.com/en/download/document/SEVD-2018-144-01
https://www.tenable.com/security/tns-2016-16 Third Party Advisory
https://www.tenable.com/security/tns-2016-20
https://www.tenable.com/security/tns-2016-21
URL Date SRC
URL Date SRC
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2016-1940.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2016-2957.html 2023-11-07
http://rhn.redhat.com/errata/RHSA-2017-1659.html 2023-11-07
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl 2023-11-07
http://www.debian.org/security/2016/dsa-3673 2023-11-07
http://www.ubuntu.com/usn/USN-3087-1 2023-11-07
http://www.ubuntu.com/usn/USN-3087-2 2023-11-07
http://www.ubuntu.com/usn/USN-3181-1 2023-11-07
https://access.redhat.com/errata/RHSA-2017:0193 2023-11-07
https://access.redhat.com/errata/RHSA-2017:0194 2023-11-07
https://access.redhat.com/errata/RHSA-2017:1658 2023-11-07
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc 2023-11-07
https://access.redhat.com/security/cve/CVE-2016-2177 2017-06-28
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Hp
Search vendor "Hp"
Icewall Mcrp
Search vendor "Hp" for product "Icewall Mcrp"
3.0
Search vendor "Hp" for product "Icewall Mcrp" and version "3.0"
-
Affected
Hp
Search vendor "Hp"
Icewall Sso
Search vendor "Hp" for product "Icewall Sso"
10.0
Search vendor "Hp" for product "Icewall Sso" and version "10.0"
certd
Affected
Hp
Search vendor "Hp"
Icewall Sso
Search vendor "Hp" for product "Icewall Sso"
10.0
Search vendor "Hp" for product "Icewall Sso" and version "10.0"
dfw
Affected
Hp
Search vendor "Hp"
Icewall Sso Agent Option
Search vendor "Hp" for product "Icewall Sso Agent Option"
10.0
Search vendor "Hp" for product "Icewall Sso Agent Option" and version "10.0"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1
Search vendor "Openssl" for product "Openssl" and version "1.0.1"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1a
Search vendor "Openssl" for product "Openssl" and version "1.0.1a"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1b
Search vendor "Openssl" for product "Openssl" and version "1.0.1b"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1c
Search vendor "Openssl" for product "Openssl" and version "1.0.1c"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1d
Search vendor "Openssl" for product "Openssl" and version "1.0.1d"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1e
Search vendor "Openssl" for product "Openssl" and version "1.0.1e"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1f
Search vendor "Openssl" for product "Openssl" and version "1.0.1f"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1g
Search vendor "Openssl" for product "Openssl" and version "1.0.1g"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1h
Search vendor "Openssl" for product "Openssl" and version "1.0.1h"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1i
Search vendor "Openssl" for product "Openssl" and version "1.0.1i"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1j
Search vendor "Openssl" for product "Openssl" and version "1.0.1j"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1k
Search vendor "Openssl" for product "Openssl" and version "1.0.1k"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1l
Search vendor "Openssl" for product "Openssl" and version "1.0.1l"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1m
Search vendor "Openssl" for product "Openssl" and version "1.0.1m"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1n
Search vendor "Openssl" for product "Openssl" and version "1.0.1n"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1o
Search vendor "Openssl" for product "Openssl" and version "1.0.1o"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1p
Search vendor "Openssl" for product "Openssl" and version "1.0.1p"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1q
Search vendor "Openssl" for product "Openssl" and version "1.0.1q"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1r
Search vendor "Openssl" for product "Openssl" and version "1.0.1r"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1s
Search vendor "Openssl" for product "Openssl" and version "1.0.1s"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.1t
Search vendor "Openssl" for product "Openssl" and version "1.0.1t"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2
Search vendor "Openssl" for product "Openssl" and version "1.0.2"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2a
Search vendor "Openssl" for product "Openssl" and version "1.0.2a"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2b
Search vendor "Openssl" for product "Openssl" and version "1.0.2b"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2c
Search vendor "Openssl" for product "Openssl" and version "1.0.2c"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2d
Search vendor "Openssl" for product "Openssl" and version "1.0.2d"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2e
Search vendor "Openssl" for product "Openssl" and version "1.0.2e"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2f
Search vendor "Openssl" for product "Openssl" and version "1.0.2f"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2g
Search vendor "Openssl" for product "Openssl" and version "1.0.2g"
-
Affected
Openssl
Search vendor "Openssl"
Openssl
Search vendor "Openssl" for product "Openssl"
1.0.2h
Search vendor "Openssl" for product "Openssl" and version "1.0.2h"
-
Affected
Oracle
Search vendor "Oracle"
Linux
Search vendor "Oracle" for product "Linux"
5
Search vendor "Oracle" for product "Linux" and version "5"
-
Affected
Oracle
Search vendor "Oracle"
Linux
Search vendor "Oracle" for product "Linux"
6
Search vendor "Oracle" for product "Linux" and version "6"
-
Affected
Oracle
Search vendor "Oracle"
Linux
Search vendor "Oracle" for product "Linux"
7
Search vendor "Oracle" for product "Linux" and version "7"
-
Affected
Oracle
Search vendor "Oracle"
Solaris
Search vendor "Oracle" for product "Solaris"
10
Search vendor "Oracle" for product "Solaris" and version "10"
-
Affected
Oracle
Search vendor "Oracle"
Solaris
Search vendor "Oracle" for product "Solaris"
11.3
Search vendor "Oracle" for product "Solaris" and version "11.3"
-
Affected