Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
Test ID: | 1.3.6.1.4.1.25623.1.0.108772 |
Category: | Huawei |
Title: | Huawei Data Communication: Sixteen OpenSSL Vulnerabilities on Some Huawei products (huawei-sa-20170322-01-openssl) |
Summary: | Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call. |
Description: | Summary: Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call. Vulnerability Insight: Statem/statem.c in OpenSSL 1.1.0a does not consider memory-block movement after a realloc call, which allows remote attackers to cause a denial of service (use-after-free) or possibly execute arbitrary code via a crafted TLS session. (Vulnerability ID: HWPSIRT-2016-09065)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6309.Crypto/x509/x509_vfy.c in OpenSSL 1.0.2i allows remote attackers to cause a denial of service by triggering a CRL operation. (Vulnerability ID: HWPSIRT-2016-09078)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-7052.Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service via large OCSP Status Request extensions. (Vulnerability ID: HWPSIRT-2016-09079)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6304.The ssl3_read_bytes function in record/rec_layer_s3.c in OpenSSL 1.1.0 before 1.1.0a allows remote attackers to cause a denial of service by triggering a zero-length record in an SSL_peek call. (Vulnerability ID: HWPSIRT-2016-09080)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6305.The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a 'Sweet32' attack. (Vulnerability ID: HWPSIRT-2016-09081)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2183.Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service. (Vulnerability ID: HWPSIRT-2016-09082)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6303.The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short. (Vulnerability ID: HWPSIRT-2016-09083)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6302.The BN_bn2dec function in crypto/bn/bn_print.c in OpenSSL before 1.1.0 does not properly validate division results, which allows remote attackers to cause a denial of service. (Vulnerability ID: HWPSIRT-2016-09084)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2182.The TS_OBJ_print_bio function in crypto/ts/ts_lib.c in the X.509 Public Key Infrastructure Time-Stamp Protocol (TSP) implementation in OpenSSL through 1.0.2h allows remote attackers to cause a denial of service via a crafted time-stamp file that is mishandled by the 'openssl ts' command. (Vulnerability ID: HWPSIRT-2016-09085)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2180.OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service. (Vulnerability ID: HWPSIRT-2016-09086)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2177.The dsa_sign_setup function in crypto/dsa/dsa_ossl.c in OpenSSL through 1.0.2h does not properly ensure the use of constant-time operations, which makes it easier for local users to discover a DSA private key via a timing side-channel attack. (Vulnerability ID: HWPSIRT-2016-09087)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2178.The DTLS implementation in OpenSSL before 1.1.0 does not properly restrict the lifetime of queue entries associated with unused out-of-order messages, which allows remote attackers to cause a denial of service by maintaining many crafted DTLS sessions simultaneously. (Vulnerability ID: HWPSIRT-2016-09088)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2179.The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 exist a vulnerability, which allows remote attackers to cause a denial of service. (Vulnerability ID: HWPSIRT-2016-09089)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-2181.The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service via crafted certificate operations. (Vulnerability ID: HWPSIRT-2016-09090)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6306.The state-machine implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service via crafted TLS messages. (Vulnerability ID: HWPSIRT-2016-09091)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6307.Statem/statem_dtls.c in the DTLS implementation in OpenSSL 1.1.0 before 1.1.0a allocates memory before checking for an excessive length, which might allow remote attackers to cause a denial of service via crafted DTLS messages. (Vulnerability ID: HWPSIRT-2016-09092)This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2016-6308.Huawei has released software updates to fix these vulnerabilities. This advisory is available in the linked references. Vulnerability Impact: For technical details, customers are advised to check the references. Affected Software/OS: AC6005 versions V200R005C10 AC6605 versions V200R005C00 V200R005C10 AP5000 versions V200R007C10SPC300 AP5010SN-GN versions V200R005C10 AP5030DN versions V200R005C10 AP5130DN versions V200R005C10 AP6010SN-GN versions V200R005C10 AP6310SN-GN versions V200R005C10 AP6510DN-AGN versions V200R005C10 AP6610DN-AGN versions V200R005C10 AP7030DE versions V200R005C10 V200R005C20 AP7110DN-AGN versions V200R005C10 AP7110SN-GN versions V200R005C10 AP8030DN versions V200R005C10 AP8130DN versions V200R005C10 AP9330DN versions V200R005C20 AR3200 versions V200R008C10 V200R008C20 DP300 versions V500R002C00 E6000 versions V100R002C03 FusionManager versions V100R005C00 HiSTBAndroid versions Versions earlier than V600R001C00SPC066 IPC6112-D versions V100R001C10 IPC6611-Z30-I versions V100R001C00 OceanStor 9000 versions V100R001C01 V100R001C30 V300R005C00 OceanStor Backup Software versions V100R002C00 OceanStor UDS versions V100R002C00LVDF01 V1R2C01LHWS01RC3 V1R2C01LHWS01RC6 RH5885 V2 versions V100R001C01 V100R001C02 RH5885 V3 versions V100R003C01 V100R003C10 SMSC versions V300R002C90LG0005 SeMG9811 versions V300R001C01 TE30 versions V100R001C02B053SP02 V100R001C02B053SP03 V100R001C02SPC100 V100R001C02SPC100B011 V100R001C02SPC100B012 V100R001C02SPC100B013 V100R001C02SPC100B014 V100R001C02SPC100B015 V100R001C02SPC100B016 V100R001C02SPC100T V100R001C02SPC100TB010 V100R001C02SPC101T V100R001C02SPC101TB010 V100R001C02SPC102T V100R001C02SPC102TB010 V100R001C02SPC103T V100R001C02SPC103TB010 V100R001C02SPC200 V100R001C02SPC200B010 V100R001C02SPC200B011 V100R001C02SPC200T V100R001C02SPC200TB010 V100R001C02SPC201TB010 V100R001C02SPC202T V100R001C02SPC202TB010 V100R001C02SPC203T V100R001C02SPC300B010 V100R001C10 V100R001C10SPC100 V100R001C10SPC200B010 V100R001C10SPC300 V100R001C10SPC500 V100R001C10SPC600 V100R001C10SPC700B010 V100R001C10SPC800 V500R002C00SPC200 V500R002C00SPC500 V500R002C00SPC600 V500R002C00SPC700 TE40 versions V500R002C00SPC600 V500R002C00SPC700 TE60 versions V100R001C10 V500R002C00 USG9520 versions V200R001C01 V300R001C01 V300R001C20 USG9560 versions V200R001C01 V300R001C01 V300R001C20 USG9580 versions V200R001C01 V300R001C01 V300R001C20 VCM versions V100R001C10 V100R001C10SPC001 V100R001C10SPC002 V100R001C10SPC003 V100R001C10SPC004 V100R001C10SPC005 V100R001C10SPC006 V100R001C20 ViewPoint 9030 versions V100R011C02SPC100 V100R011C02SPC100B010 V100R011C03B012SP15 V100R011C03B012SP16 V100R011C03B015SP03 V100R011C03LGWL01SPC100 V100R011C03LGWL01SPC100B012 V100R011C03LGWL02SPC100T V100R011C03SPC100 V100R011C03SPC100B010 V100R011C03SPC100B011 V100R011C03SPC100B012 V100R011C03SPC100T V100R011C03SPC200 V100R011C03SPC200T V100R011C03SPC300 V100R011C03SPC400 eAPP610 versions V100R003C00 eLog versions V200R005C00SPC100 V200R005C00SPC101 eSpace 7910 versions V200R003C00 eSpace 7950 versions V200R003C00SPCf00 V200R003C30 eSpace 8950 versions V200R003C00 eSpace IAD versions V300R002C01SPCb00 eSpace U1981 versions V200R003C30 eSpace USM versions V100R001C10SPC105 V300R001C00 eSpace VCN3000 versions V100R002C00SPC100 V100R002C00SPC108 V100R002C00SPC109 V100R002C10B026 V100R002C10SPC001 V100R002C10SPC100 V100R002C10SPC100T V100R002C10SPC101 V100R002C10SPC101T V100R002C10SPC102 V100R002C10SPC102T V100R002C10SPC102TB011 V100R002C10SPC103 V100R002C10SPC103T V100R002C10SPC105T V100R002C10SPC106 V100R002C10SPC107 V100R002C10SPC107_B1253000 V100R002C10SPC108 V100R002C20B022 V100R002C20SPC001B012 V100R002C20SPC001T V100R002C20SPC100 V100R002C20SPC200 V100R002C20SPC201 V100R002C20SPC201T V100R002C20SPC201TB012 iBMC versions V100R002C10 V100R002C30 V200R002C20 Solution: See the referenced vendor advisory for a solution. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-6309 BugTraq ID: 93177 http://www.securityfocus.com/bid/93177 http://www.securitytracker.com/id/1036885 Common Vulnerability Exposure (CVE) ID: CVE-2016-7052 BugTraq ID: 93171 http://www.securityfocus.com/bid/93171 FreeBSD Security Advisory: FreeBSD-SA-16:26 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:27.openssl.asc https://security.gentoo.org/glsa/201612-16 SuSE Security Announcement: SUSE-SU-2016:2470 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html Common Vulnerability Exposure (CVE) ID: CVE-2016-6304 BugTraq ID: 93150 http://www.securityfocus.com/bid/93150 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc RedHat Security Advisories: RHSA-2016:1940 http://rhn.redhat.com/errata/RHSA-2016-1940.html RedHat Security Advisories: RHSA-2016:2802 http://rhn.redhat.com/errata/RHSA-2016-2802.html RedHat Security Advisories: RHSA-2017:1413 https://access.redhat.com/errata/RHSA-2017:1413 RedHat Security Advisories: RHSA-2017:1414 https://access.redhat.com/errata/RHSA-2017:1414 RedHat Security Advisories: RHSA-2017:1415 http://rhn.redhat.com/errata/RHSA-2017-1415.html RedHat Security Advisories: RHSA-2017:1658 https://access.redhat.com/errata/RHSA-2017:1658 RedHat Security Advisories: RHSA-2017:1659 http://rhn.redhat.com/errata/RHSA-2017-1659.html RedHat Security Advisories: RHSA-2017:1801 https://access.redhat.com/errata/RHSA-2017:1801 RedHat Security Advisories: RHSA-2017:1802 https://access.redhat.com/errata/RHSA-2017:1802 RedHat Security Advisories: RHSA-2017:2493 https://access.redhat.com/errata/RHSA-2017:2493 RedHat Security Advisories: RHSA-2017:2494 https://access.redhat.com/errata/RHSA-2017:2494 http://www.securitytracker.com/id/1036878 http://www.securitytracker.com/id/1037640 Common Vulnerability Exposure (CVE) ID: CVE-2016-6305 BugTraq ID: 93149 http://www.securityfocus.com/bid/93149 http://www.securitytracker.com/id/1036879 Common Vulnerability Exposure (CVE) ID: CVE-2016-2183 BugTraq ID: 92630 http://www.securityfocus.com/bid/92630 BugTraq ID: 95568 http://www.securityfocus.com/bid/95568 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697 http://www-01.ibm.com/support/docview.wss?uid=swg21991482 http://www-01.ibm.com/support/docview.wss?uid=swg21995039 http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html http://www.splunk.com/view/SP-CAAAPSV http://www.splunk.com/view/SP-CAAAPUE https://access.redhat.com/articles/2548661 https://access.redhat.com/security/cve/cve-2016-2183 https://bto.bluecoat.com/security-advisory/sa133 https://bugzilla.redhat.com/show_bug.cgi?id=1369383 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03765en_us https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05349499 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849 https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312 https://kc.mcafee.com/corporate/index?page=content&id=SB10171 https://kc.mcafee.com/corporate/index?page=content&id=SB10310 https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ https://security.netapp.com/advisory/ntap-20160915-0001/ https://security.netapp.com/advisory/ntap-20170119-0001/ https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008 https://www.openssl.org/blog/blog/2016/08/24/sweet32/ https://www.tenable.com/security/tns-2016-16 https://www.tenable.com/security/tns-2016-20 https://www.tenable.com/security/tns-2016-21 https://www.tenable.com/security/tns-2017-09 https://security.gentoo.org/glsa/201701-65 https://security.gentoo.org/glsa/201707-01 https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/ https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633 https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02 https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/ https://sweet32.info/ https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/ https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.oracle.com/security-alerts/cpujul2020.html https://www.oracle.com/security-alerts/cpuoct2020.html https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html https://www.sigsac.org/ccs/CCS2016/accepted-papers/ https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue https://www.ietf.org/mail-archive/web/tls/current/msg04560.html RedHat Security Advisories: RHSA-2017:0336 http://rhn.redhat.com/errata/RHSA-2017-0336.html RedHat Security Advisories: RHSA-2017:0337 http://rhn.redhat.com/errata/RHSA-2017-0337.html RedHat Security Advisories: RHSA-2017:0338 http://rhn.redhat.com/errata/RHSA-2017-0338.html RedHat Security Advisories: RHSA-2017:0462 http://rhn.redhat.com/errata/RHSA-2017-0462.html RedHat Security Advisories: RHSA-2017:1216 https://access.redhat.com/errata/RHSA-2017:1216 RedHat Security Advisories: RHSA-2017:2708 https://access.redhat.com/errata/RHSA-2017:2708 RedHat Security Advisories: RHSA-2017:2709 https://access.redhat.com/errata/RHSA-2017:2709 RedHat Security Advisories: RHSA-2017:2710 https://access.redhat.com/errata/RHSA-2017:2710 RedHat Security Advisories: RHSA-2017:3113 https://access.redhat.com/errata/RHSA-2017:3113 RedHat Security Advisories: RHSA-2017:3114 https://access.redhat.com/errata/RHSA-2017:3114 RedHat Security Advisories: RHSA-2017:3239 https://access.redhat.com/errata/RHSA-2017:3239 RedHat Security Advisories: RHSA-2017:3240 https://access.redhat.com/errata/RHSA-2017:3240 RedHat Security Advisories: RHSA-2018:2123 https://access.redhat.com/errata/RHSA-2018:2123 RedHat Security Advisories: RHSA-2019:1245 https://access.redhat.com/errata/RHSA-2019:1245 RedHat Security Advisories: RHSA-2019:2859 https://access.redhat.com/errata/RHSA-2019:2859 RedHat Security Advisories: RHSA-2020:0451 https://access.redhat.com/errata/RHSA-2020:0451 http://www.securitytracker.com/id/1036696 Common Vulnerability Exposure (CVE) ID: CVE-2016-6303 BugTraq ID: 92984 http://www.securityfocus.com/bid/92984 Common Vulnerability Exposure (CVE) ID: CVE-2016-6302 BugTraq ID: 92628 http://www.securityfocus.com/bid/92628 RedHat Security Advisories: RHSA-2018:2185 https://access.redhat.com/errata/RHSA-2018:2185 RedHat Security Advisories: RHSA-2018:2186 https://access.redhat.com/errata/RHSA-2018:2186 RedHat Security Advisories: RHSA-2018:2187 https://access.redhat.com/errata/RHSA-2018:2187 Common Vulnerability Exposure (CVE) ID: CVE-2016-2182 BugTraq ID: 92557 http://www.securityfocus.com/bid/92557 http://www.securitytracker.com/id/1036688 http://www.securitytracker.com/id/1037968 Common Vulnerability Exposure (CVE) ID: CVE-2016-2180 BugTraq ID: 92117 http://www.securityfocus.com/bid/92117 http://www.securitytracker.com/id/1036486 Common Vulnerability Exposure (CVE) ID: CVE-2016-2177 BugTraq ID: 91319 http://www.securityfocus.com/bid/91319 https://ics-cert.us-cert.gov/advisories/ICSA-18-144-01 RedHat Security Advisories: RHSA-2016:2957 http://rhn.redhat.com/errata/RHSA-2016-2957.html RedHat Security Advisories: RHSA-2017:0193 https://access.redhat.com/errata/RHSA-2017:0193 RedHat Security Advisories: RHSA-2017:0194 https://access.redhat.com/errata/RHSA-2017:0194 http://www.securitytracker.com/id/1036088 Common Vulnerability Exposure (CVE) ID: CVE-2016-2178 BugTraq ID: 91081 http://www.securityfocus.com/bid/91081 http://eprint.iacr.org/2016/594.pdf http://www.openwall.com/lists/oss-security/2016/06/08/2 http://www.openwall.com/lists/oss-security/2016/06/09/8 http://www.securitytracker.com/id/1036054 Common Vulnerability Exposure (CVE) ID: CVE-2016-2179 BugTraq ID: 92987 http://www.securityfocus.com/bid/92987 http://www.securitytracker.com/id/1036689 Common Vulnerability Exposure (CVE) ID: CVE-2016-2181 BugTraq ID: 92982 http://www.securityfocus.com/bid/92982 http://www.securitytracker.com/id/1036690 Common Vulnerability Exposure (CVE) ID: CVE-2016-6306 BugTraq ID: 93153 http://www.securityfocus.com/bid/93153 https://bto.bluecoat.com/security-advisory/sa132 https://git.openssl.org/?p=openssl.git;a=commit;h=52e623c4cb06fffa9d5e75c60b34b4bc130b12e9 https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us https://www.openssl.org/news/secadv/20160922.txt Common Vulnerability Exposure (CVE) ID: CVE-2016-6307 BugTraq ID: 93152 http://www.securityfocus.com/bid/93152 Common Vulnerability Exposure (CVE) ID: CVE-2016-6308 BugTraq ID: 93151 http://www.securityfocus.com/bid/93151 |
Copyright | Copyright (C) 2020 Greenbone Networks GmbH |
This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |