Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-6302

Опубликовано: 23 авг. 2016
Источник: redhat
CVSS3: 5.9
CVSS2: 4.3

Описание

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

An integer underflow flaw leading to a buffer over-read was found in the way OpenSSL parsed TLS session tickets. A remote attacker could use this flaw to crash a TLS server using OpenSSL if it used SHA-512 as HMAC for session tickets.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5opensslNot affected
Red Hat Enterprise Linux 5openssl097aNot affected
Red Hat Enterprise Linux 6openssl098eNot affected
Red Hat Enterprise Linux 7openssl098eNot affected
Red Hat Enterprise Linux 7OVMFNot affected
Red Hat JBoss Enterprise Application Platform 6opensslAffected
Red Hat JBoss Enterprise Web Server 1opensslWill not fix
Red Hat JBoss Enterprise Web Server 2opensslWill not fix
Red Hat JBoss Enterprise Web Server 3opensslFix deferred
JBoss Core Services on RHEL 6jbcs-httpd24-apache-commons-daemonFixedRHSA-2018:218612.07.2018

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190->CWE-125
https://bugzilla.redhat.com/show_bug.cgi?id=1369855openssl: Insufficient TLS session ticket HMAC length checks

5.9 Medium

CVSS3

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-6302

CVSS3: 7.5
ubuntu
почти 9 лет назад

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

nvd логотип

CVE-2016-6302

CVSS3: 7.5
nvd
почти 9 лет назад

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

debian логотип

CVE-2016-6302

CVSS3: 7.5
debian
почти 9 лет назад

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1. ...

github логотип

GHSA-h9vm-qp4h-23fm

CVSS3: 7.5
github
около 3 лет назад

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

fstec логотип

BDU:2022-02462

CVSS3: 7.5
fstec
почти 9 лет назад

Уязвимость функции tls_decrypt_ticket (ssl/t1_lib.c) библиотеки OpenSSL существует из-за недостаточной проверки входных данных, позволяющая нарушителю вызвать отказ в обслуживании

5.9 Medium

CVSS3

4.3 Medium

CVSS2