Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
2.6
CVSSv2

CVE-2016-7055

Published: 04/05/2017 Updated: 01/09/2022
CVSS v2 Base Score: 2.6 | Impact Score: 2.9 | Exploitability Score: 4.9
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 232
Vector: AV:N/AC:H/Au:N/C:N/I:N/A:P
Subscribe to Openssl

Vulnerability Summary

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 prior to 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not used in operations with the private key itself and an input of the attacker's direct choice. Otherwise the bug can manifest itself as transient authentication and key negotiation failures or reproducible erroneous outcome of public-key operations with specially crafted input. Among EC algorithms only Brainpool P-512 curves are affected and one presumably can attack ECDH key negotiation. Impact was not analyzed in detail, because pre-requisites for attack are considered unlikely. Namely multiple clients have to choose the curve in question and the server has to share the private key among them, neither of which is default behaviour. Even then only clients that chose the curve will be affected.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

openssl openssl

nodejs node.js

Vendor Advisories

Ubuntu Security Notice: openssl vulnerabilities
Several security issues were fixed in OpenSSL ...
Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 security update
Synopsis Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 security update Type/Severity Security Advisory: Moderate Topic Red Hat JBoss Core Services Pack Apache Server 2429 packages are now availableRed Hat Product Security has rated this release as having a security impactof Moderate A ...
Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 7 security update
Synopsis Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 RHEL 7 security update Type/Severity Security Advisory: Moderate Topic Red Hat JBoss Core Services Pack Apache Server 2429 packages are now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this release as ...
Red Hat: Moderate: Red Hat JBoss Core Services Apache HTTP Server 2.4.29 RHEL 6 security update
Synopsis Moderate: Red Hat JBoss Core Services Apache HTTP Server 2429 RHEL 6 security update Type/Severity Security Advisory: Moderate Topic Red Hat JBoss Core Services Pack Apache Server 2429 packages are now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this release as h ...
Arch Linux Issues:
There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure that handles input lengths divisible by, but longer than 256 bits Analysis suggests that attacks against RSA, DSA and DH private keys are impossible This is because the subroutine in question is not used in operations with the private key itself and an ...
Tenable Security Advisories: [R5] SecurityCenter 5.4.3 Fixes Multiple Vulnerabilities
SecurityCenter has recently been discovered to contain several vulnerabilities Four issues in the SC code were discovered during internal testing by Barry Clark, and several third-party libraries were upgraded as part of our internal security process Note that the library vulnerabilities were not fully diagnosed so SecurityCenter is possibly impa ...
Huawei Security Advisories: Huawei PSIRT: Technical Analysis Report Regarding Finite State Supply Chain Assessment
Corporate Worldwide Log in ...

Exploits

Exploit DB: Orion Elite Hidden IP Browser Pro 7.9 OpenSSL / Tor / Man-In-The-Middle
Orion Elite Hidden IP Browser Pro versions 10 through 79 have insecure versions of Tor and OpenSSL included and also suffer from man-in-the-middle vulnerabilities ...

References

NVD-CWE-noinfohttps://www.openssl.org/news/secadv/20161110.txthttp://www.securityfocus.com/bid/94242https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03744en_ushttps://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03752en_ushttps://security.gentoo.org/glsa/201702-07http://www.securitytracker.com/id/1037261http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.htmlhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlhttps://www.tenable.com/security/tns-2017-04https://security.FreeBSD.org/advisories/FreeBSD-SA-17:02.openssl.aschttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlhttps://access.redhat.com/errata/RHSA-2018:2187https://access.redhat.com/errata/RHSA-2018:2186https://access.redhat.com/errata/RHSA-2018:2185https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlhttps://nvd.nist.govhttps://usn.ubuntu.com/3181-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
injectionCVE-2024-30983CVE-2023-4235CVE-2024-21338privilegeencryptionCVE-2023-4232CVE-2024-31497CVE-2024-32341
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook