Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
891
VMScore

CVE-2016-2108

Published: 05/05/2016 Updated: 07/11/2023
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 891
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Subscribe to Redhat

Vulnerability Summary

The ASN.1 implementation in OpenSSL prior to 1.0.1o and 1.0.2 prior to 1.0.2c allows remote malicious users to execute arbitrary code or cause a denial of service (buffer underflow and memory corruption) via an ANY field in crafted serialized data, aka the "negative zero" issue.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

redhat enterprise linux hpc node 6.0

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

openssl openssl 1.0.2a

openssl openssl 1.0.2b

openssl openssl 1.0.2

openssl openssl

redhat enterprise linux desktop 7.0

redhat enterprise linux server aus 7.2

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

redhat enterprise linux hpc node 7.0

redhat enterprise linux server eus 7.2

redhat enterprise linux hpc node eus 7.2

google android 5.1.0

google android 4.2

google android 4.1

google android 6.0.1

google android 6.0

google android 4.0.2

google android 4.4.3

google android 4.0.4

google android 4.3

google android 4.0.1

google android 4.2.1

google android 5.0.1

google android 5.0

google android 4.0.3

google android 4.0

google android 4.4

google android 4.4.1

google android 4.2.2

google android 4.3.1

google android 4.4.2

google android 5.1

google android 4.1.2

Vendor Advisories

Ubuntu Security Notice: openssl vulnerabilities
Several security issues were fixed in OpenSSL ...
Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 6
Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2423 Release on RHEL 6 Type/Severity Security Advisory: Important Topic Updated packages that provide Red Hat JBoss Core Services Pack Apache Server 2423 and fix several bugs, and add various enhancements are now available for Red Hat En ...
Red Hat: Important: Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Release on RHEL 7
Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2423 Release on RHEL 7 Type/Severity Security Advisory: Important Topic An update is now available for JBoss Core Services on RHEL 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerab ...
Red Hat: Important: openssl security update
Synopsis Important: openssl security update Type/Severity Security Advisory: Important Topic An update for openssl is now available for Red Hat Enterprise Linux 67 Extended Update SupportRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring ...
Red Hat: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release
Synopsis Important: Red Hat JBoss Core Services Apache HTTP 2423 Release Type/Severity Security Advisory: Important Topic Red Hat JBoss Core Services httpd 2423 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systemsRed Hat Product Security has rated this release as ...
Debian Security Advisories: DSA-3566-1 openssl -- security update
Several vulnerabilities were discovered in OpenSSL, a Secure Socket Layer toolkit CVE-2016-2105 Guido Vranken discovered that an overflow can occur in the function EVP_EncodeUpdate(), used for Base64 encoding, if an attacker can supply a large amount of data This could lead to a heap corruption CVE-2016-2106 Guido Vranken discov ...
Amazon Linux AMI: ALAS-2016-695
A vulnerability was discovered that allows a man-in-the-middle attacker to use a padding oracle attack to decrypt traffic on a connection using an AES CBC cipher with a server supporting AES-NI (CVE-2016-2107, Important) It was discovered that the ASN1 parser can misinterpret a large universal tag as a negative value If an application deserializ ...
Red Hat: CVE-2016-2108
A flaw was found in the way OpenSSL encoded certain ASN1 data structures An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library ...
Tenable Security Advisories: [R7] LCE 4.8.1 Fixes Multiple Vulnerabilities
The Log Correlation Engine (LCE) is potentially impacted by several vulnerabilities in OpenSSL (20160503), libpcre / PCRE, Libxml2, Handlebars, libcurl, and jQuery that were recently disclosed and fixed Note that due to the time involved in doing a full analysis of each issue, Tenable has opted to upgrade the included versions of each library as a ...
Tenable Security Advisories: [R3] PVS 5.1.0 Fixes Multiple Third-party Library Vulnerabilities
Tenable's Passive Vulnerability Scanner (PVS) uses third-party libraries to provide certain standardized functionality Two of these libraries were found to contain vulnerabilities and were fixed upstream Those fixes have been integrated despite there being no known exploitation scenarios related to PVS OpenSSL ASN1 Encoder Negative Zero Value ...
Citrix Security Bulletins: Citrix XenServer Multiple Security Updates
Description of Problem A number of security vulnerabilities have been identified in Citrix XenServer that may allow a malicious administrator of a guest VM (depending on configuration) or an attacker on the management network to compromise the host These vulnerabilities affect all currently supported versions of Citrix XenServer up to and includin ...
Citrix Security Bulletins: Citrix XenServer 7.2 Multiple Security Updates
Description of Problem A number of security issues have been identified within Citrix XenServer 72 which could, if exploited, allow a malicious man-in-the-middle (MiTM) attacker on the management network to decrypt management traffic Collectively, this has been rated as a medium severity vulnerability; the following issues have been remediated: C ...

ICS Advisories

Siemens SCALANCE X-200RNA Switch Devices

Recent Articles

Yay! It's International Patch Your Scary OpenSSL Bugs Day!
The Register • Iain Thomson in San Francisco • 03 May 2016

Two innocent programming blunders breed high-risk flaw

Six security patches – two of them high severity – have been released today for OpenSSL 1.0.1 and 1.0.2. Last week, the open-source crypto-library project warned that a bunch of fixes were incoming, and true enough, Tuesday’s updates address serious flaws that should be installed as soon as possible. CVE-2016-2108 is a curious beast; a hybrid of two low-risk bugs that can be fused into a serious problem. The first is a seemingly innocuous issue with the ASN.1 parser whereby if a zero is re...

Read more...

References

CWE-119https://www.openssl.org/news/secadv/20160503.txthttps://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40202https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05164862http://source.android.com/security/bulletin/2016-07-01.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0722.htmlhttp://rhn.redhat.com/errata/RHSA-2016-0996.htmlhttp://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.htmlhttp://lists.apple.com/archives/security-announce/2016/Jul/msg00000.htmlhttps://support.apple.com/HT206903http://www.securityfocus.com/bid/91787https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05149345http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlhttp://www.securityfocus.com/bid/89752https://access.redhat.com/errata/RHSA-2016:1137http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00016.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00014.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2016-May/184605.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00010.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2016-May/183457.htmlhttp://www.ubuntu.com/usn/USN-2959-1http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00013.htmlhttp://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.542103http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00019.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.htmlhttp://www.securitytracker.com/id/1035721http://www.debian.org/security/2016/dsa-3566http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.htmlhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160504-opensslhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00011.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00008.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2016-May/183607.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.htmlhttps://bto.bluecoat.com/security-advisory/sa123http://packetstormsecurity.com/files/136912/Slackware-Security-Advisory-openssl-Updates.htmlhttp://support.citrix.com/article/CTX212736https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00067&languageid=en-frhttps://security.gentoo.org/glsa/201612-16http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759https://www.tenable.com/security/tns-2016-18https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_ushttps://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03756en_ushttps://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03765en_ushttp://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlhttps://security.netapp.com/advisory/ntap-20160504-0001/https://access.redhat.com/errata/RHSA-2017:0194https://access.redhat.com/errata/RHSA-2017:0193http://rhn.redhat.com/errata/RHSA-2016-2957.htmlhttps://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdfhttp://rhn.redhat.com/errata/RHSA-2016-2056.htmlhttp://rhn.redhat.com/errata/RHSA-2016-2073.htmlhttps://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=f5da52e308a6aeea6d5f3df98c4da295d7e9cc27https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=3661bb4e7934668bd99ca777ea8b30eedfafa871https://nvd.nist.govhttps://usn.ubuntu.com/2959-1/https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-1183hard-codedCVE-2024-28254CVE-2023-43790buffer overflowbypassCVE-2024-32633CVE-2024-1874CVE-2024-23558
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook