CVE ID:	CVE-2016-2177
Description:	OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap- buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.
Test IDs:	1.3.6.1.4.1.25623.1.1.4.2017.2699.1   1.3.6.1.4.1.25623.1.1.1.2.2016.637   1.3.6.1.4.1.25623.1.0.703673   1.3.6.1.4.1.25623.1.1.4.2017.2700.1
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2016-2177 BugTraq ID: 91319 http://www.securityfocus.com/bid/91319 Bugtraq: 20170801 [security bulletin] HPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote Denial of Service (DoS) (Google Search) http://www.securityfocus.com/archive/1/540957/100/0/threaded Bugtraq: 20170801 [security bulletin] HPESBHF03763 rev.1 - HPE Comware 7, IMC, VCX products using OpenSSL, Remote Denial of Service (DoS) (Google Search) http://www.securityfocus.com/archive/1/archive/1/540957/100/0/threaded Cisco Security Advisory: 20160927 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl Debian Security Information: DSA-3673 (Google Search) http://www.debian.org/security/2016/dsa-3673 FreeBSD Security Advisory: FreeBSD-SA-16:26 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc http://seclists.org/fulldisclosure/2017/Jul/31 https://security.gentoo.org/glsa/201612-16 https://ics-cert.us-cert.gov/advisories/ICSA-18-144-01 https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24 http://www.openwall.com/lists/oss-security/2016/06/08/9 RedHat Security Advisories: RHSA-2016:1940 http://rhn.redhat.com/errata/RHSA-2016-1940.html RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html RedHat Security Advisories: RHSA-2017:0193 https://access.redhat.com/errata/RHSA-2017:0193 RedHat Security Advisories: RHSA-2017:0194 https://access.redhat.com/errata/RHSA-2017:0194 RedHat Security Advisories: RHSA-2017:1658 https://access.redhat.com/errata/RHSA-2017:1658 RedHat Security Advisories: RHSA-2017:1659 http://rhn.redhat.com/errata/RHSA-2017-1659.html http://www.securitytracker.com/id/1036088 SuSE Security Announcement: SUSE-SU-2016:2387 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html SuSE Security Announcement: SUSE-SU-2016:2394 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html SuSE Security Announcement: SUSE-SU-2016:2458 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html SuSE Security Announcement: SUSE-SU-2016:2468 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html SuSE Security Announcement: SUSE-SU-2016:2469 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html SuSE Security Announcement: SUSE-SU-2017:2699 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html SuSE Security Announcement: SUSE-SU-2017:2700 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html SuSE Security Announcement: openSUSE-SU-2016:2391 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html SuSE Security Announcement: openSUSE-SU-2016:2407 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html SuSE Security Announcement: openSUSE-SU-2016:2537 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html SuSE Security Announcement: openSUSE-SU-2018:0458 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html http://www.ubuntu.com/usn/USN-3087-1 http://www.ubuntu.com/usn/USN-3087-2 http://www.ubuntu.com/usn/USN-3181-1