
CVE-2016-6304

Published: 26/09/2016 Updated: 07/11/2023
CVSS v2 Base Score: 7.8 | Impact Score: 6.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 694
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C

Vulnerability Summary

Multiple memory leaks in t1_lib.c in OpenSSL prior to 1.0.1u, 1.0.2 prior to 1.0.2i, and 1.1.0 prior to 1.1.0a allow remote malicious users to cause a denial of service (memory consumption) via large OCSP Status Request extensions.

Vulnerable Product

openssl openssl 1.0.2a

openssl openssl 1.0.2e

openssl openssl 1.0.2b

openssl openssl 1.0.2h

openssl openssl 1.0.2c

openssl openssl 1.0.2

openssl openssl 1.0.2f

openssl openssl 1.0.2d

openssl openssl 1.1.0

openssl openssl 1.0.1m

openssl openssl 1.0.1j

openssl openssl 1.0.1

openssl openssl 1.0.1h

openssl openssl 1.0.1r

openssl openssl 1.0.1c

openssl openssl 1.0.1g

openssl openssl 1.0.1a

openssl openssl 1.0.1d

openssl openssl 1.0.1t

openssl openssl 1.0.1p

openssl openssl 1.0.1k

openssl openssl 1.0.1b

openssl openssl 1.0.1n

openssl openssl 1.0.1q

openssl openssl 1.0.1e

openssl openssl 1.0.1l

openssl openssl 1.0.1f

openssl openssl 1.0.1s

openssl openssl 1.0.1o

openssl openssl 1.0.1i

nodejs node.js

novell suse linux enterprise module for web scripting 12.0

Vendor Advisories

Debian Bug report logs - #841049: Security fixes from the October 2016 CPU. Package: src:mysql-56; Maintainer for src:mysql-56 is (unknown); Reported by: "Norvald H Ryeng" <norvaldryeng@oraclecom>; Date: Mon, 17 Oct 2016 08:33:02 UTC; Severity: grave; Tags: fixed-upstream, security, upstream; Found in version mysql-56/56 ...
USN-3087-1 introduced a regression in OpenSSL ...
Several security issues were fixed in OpenSSL ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6416 natives update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform. Red Hat Product Security has rated this update as having a security impact of Important. A Com ...
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2423 Service Pack 1 for RHEL 7. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Core Services on RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A ...
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2423 Service Pack 1 for RHEL 6. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Core Services on RHEL 6. Red Hat Product Security has rated this update as having a security impact of Important. A ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 62 Advanced Update Support, Red Hat Enterprise Linux 64 Advanced Update Support, Red Hat Enterprise Linux 65 Advanced Update Support, Red Hat En ...
Synopsis: Important: Red Hat JBoss Web Server 310 Service Pack 1 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Web Server 31 for RHEL 6 and Red Hat JBoss Web Server 31 for RHEL 7. Red Hat Product Security has rated this update as having a sec ...
Synopsis: Important: openssl security update. Type/Severity: Security Advisory: Important. Topic: An update for openssl is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Sc ...
Synopsis: Important: Red Hat JBoss Web Server Service Pack 1 security update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Web Server 31. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring Sys ...
Synopsis: Important: Red Hat JBoss Enterprise Application Platform 6416 natives update. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Enterprise Application Platform 64 for Red Hat Enterprise Linux 6 and Red Hat JBoss Enterprise Application Platform 64 for R ...
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP Server 2423 Service Pack 1. Type/Severity: Security Advisory: Important. Topic: An update is now available for Red Hat JBoss Core Services. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability ...
A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. The ...
A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support ...
On September 22, 2016, the OpenSSL Software Foundation released an advisory that describes 14 vulnerabilities. Of these 14 vulnerabilities, the OpenSSL Software Foundation classifies one as “Critical Severity,” one as “Moderate Severity,” and the other 12 as “Low Severity”. Subsequently, on September 26, the OpenSSL Software Foundatio ...
A malicious client can send an excessively large OCSP Status Request extension. If that client continually requests renegotiation, sending a large OCSP Status Request extension each time, then there will be unbounded memory growth on the server. This will eventually lead to a Denial Of Service attack through memory exhaustion. Servers with a defaul ...
Nessus is potentially impacted by several vulnerabilities in OpenSSL (20160926) that were recently disclosed and fixed. Note that due to the time involved in doing a full analysis of each issue, Tenable has opted to upgrade the included version of OpenSSL as a precaution, and to save time. These vulnerabilities may impact Nessus and include: CVE-2 ...
LCE 481 is possibly impacted by multiple vulnerabilities reported in third-party libraries. Tenable has not investigated each one to determine if it is exploitable or the vulnerable code path can be reached. Instead, Dev has upgraded the impacted libraries as a faster and safer alternative. Due to the number of library upgrades and the potential ...
Tenable's Passive Vulnerability Scanner (PVS) uses third-party libraries to provide certain standardized functionality. Four of these libraries were found to contain vulnerabilities and were fixed upstream. Those fixes have been integrated despite there being no known exploitation scenarios related to PVS. OpenSSL ssl/statem/statemc read_state_ma ...

Exploits

Orion Elite Hidden IP Browser Pro versions 10 through 79 have insecure versions of Tor and OpenSSL included and also suffer from man-in-the-middle vulnerabilities ...

Github Repositories

Module CheckCVE for Probe Manager

CheckCVE for Probe Manager. Presentation: Module to check the CVE of softwares. Features: Check if there is a CVE for a software on a remote server. Installation: Install with ProbeManager. Usage: Administration page of the module; page to add an instance which verifies the CVE of the software of a remote server; give a unique name for this instance, example: server

Recent Articles

OpenSSL swats a dozen bugs, one notable nasty
The Register • Team Register • 23 Sep 2016

Denial of service dross dead.

A dozen flaws have been patched in OpenSSL, including one high severity hole that allows denial of service attacks. The OpenSSL Project pushed patches in versions 1.1.0a, 1.0.2i and 1.0.1u, with most of the flaws flagged as low severity risks. The nastiest vulnerability (CVE-2016-6304) results when attackers issue a massive OCSP status request extension which exhausts memory on servers in default configuration. Researcher Shi Lei of vulnerability blitzkrieg house Qihoo 360 spotted that one. Admi...

References

CWE-401
https://www.openssl.org/news/secadv/20160922.txt
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html
https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
http://www.securityfocus.com/bid/93150
http://www.splunk.com/view/SP-CAAAPUE
http://www.splunk.com/view/SP-CAAAPSV
https://security.gentoo.org/glsa/201612-16
https://kc.mcafee.com/corporate/index?page=content&id=SB10171
https://bto.bluecoat.com/security-advisory/sa132
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
http://rhn.redhat.com/errata/RHSA-2016-2802.html
https://www.tenable.com/security/tns-2016-16
http://www-01.ibm.com/support/docview.wss?uid=swg21995039
http://www.securitytracker.com/id/1037640
http://www.securitytracker.com/id/1036878
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
https://www.tenable.com/security/tns-2016-21
https://www.tenable.com/security/tns-2016-20
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc
https://access.redhat.com/errata/RHSA-2017:2494
https://access.redhat.com/errata/RHSA-2017:2493
https://access.redhat.com/errata/RHSA-2017:1802
https://access.redhat.com/errata/RHSA-2017:1801
https://access.redhat.com/errata/RHSA-2017:1658
https://access.redhat.com/errata/RHSA-2017:1414
https://access.redhat.com/errata/RHSA-2017:1413
http://rhn.redhat.com/errata/RHSA-2017-1659.html
http://rhn.redhat.com/errata/RHSA-2017-1415.html
http://rhn.redhat.com/errata/RHSA-2016-1940.html
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00027.html
http://lists.opensuse.org/opensuse-security-announce/2016-11/msg00021.html
https://kc.mcafee.com/corporate/index?page=content&id=SB10215
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312
http://www.debian.org/security/2016/dsa-3673
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html
https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24
http://seclists.org/fulldisclosure/2016/Oct/62
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html
http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html
http://www.ubuntu.com/usn/USN-3087-2
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html
http://seclists.org/fulldisclosure/2016/Dec/47
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en
http://www.ubuntu.com/usn/USN-3087-1
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html
http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html
http://seclists.org/fulldisclosure/2017/Jul/31
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.html
http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html
http://packetstormsecurity.com/files/139091/OpenSSL-x509-Parsing-Double-Free-Invalid-Free.html
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=2c0d295e26306e15a92eb23a84a1802005c1c137
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841049
https://nvd.nist.gov
https://github.com/treussart/ProbeManager_CheckCVE
https://www.cisa.gov/uscert/ics/advisories/icsa-22-349-21
https://usn.ubuntu.com/3087-2/