CVE - CVE - 2016 - 0800

CVE-ID
cve - 2016 - 0800	了解更多国家漏洞数据库(NVD) •CVSS严重性评级•修复信息•••CPE SCAP映射脆弱的软件版本信息
描述
SSLv2的站点时的协议,使用OpenSSL 1.0.1 1.0.2 1.0.2g之前和其他产品之前,需要一个服务器发送ServerVerify消息之前建立一个客户拥有一定的明文RSA数据,这使得它更容易为远程攻击者利用TLS密文进行解密数据Bleichenbacher RSA padding oracle,又名“淹没”攻击。
引用
注意:引用为方便读者提供帮助区分漏洞。并不是完整列表。
报价:83733 URL: http://www.securityfocus.com/bid/83733 报价:91787 URL: http://www.securityfocus.com/bid/91787 CERT-VN: VU # 583776 URL: https://www.kb.cert.org/vuls/id/583776 思科:20160302多个漏洞OpenSSL影响思科产品:2016年3月 URL: http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco - sa - 20160302 - openssl 确认:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10722 确认:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 确认:http://support.citrix.com/article/CTX208403 确认:http://www.huawei.com/en/psirt/security - advisories/huawei - sa - 20160330 - 01 - openssl - en 确认:http://www.oracle.com/technetwork/security - advisory/cpuapr2016v3 - 2985753. - html 确认:http://www.oracle.com/technetwork/security - advisory/cpujan2018 - 3236628. - html 确认:http://www.oracle.com/technetwork/security - advisory/cpujul2016 - 2881720. - html 确认:http://www.oracle.com/technetwork/topics/security/bulletinapr2016 - 2952098. - html 确认:http://www.oracle.com/technetwork/topics/security/bulletinjan2016 - 2867206. - html 确认:http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016 - 2867209. - html 确认:http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016 - 3090546. - html 确认:http://www.siemens.com/cert/pool/cert/siemens_security_advisory_ssa - 623229. - pdf 确认:https://access.redhat.com/security/vulnerabilities/drown 确认:https://cert - portal.siemens.com/productcert/pdf/ssa - 412672. - pdf 确认:https://cert - portal.siemens.com/productcert/pdf/ssa - 623229. - pdf 确认:https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03726en_us 确认:https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05073516 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05086877 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05096953 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05141441 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05143554 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05150800 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05157667 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05176765 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05307589 确认:https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05386804 确认:https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare +数据+中心+手术+软件+漏洞修复确认:https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 确认:https://kc.mcafee.com/corporate/index?page=content&id=SB10154 确认:https://security.netapp.com/advisory/ntap 0001/——20160301 确认:https://www.openssl.org/news/万博下载包secadv/20160301.txt FREEBSD: FreeBSD-SA-16:12 URL: https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc GENTOO: glsa - 201603 - 15所示 URL: https://security.gentoo.org/glsa/201603-15 惠普:HPSBGN03569 URL: http://marc.info/?l=bugtraq&m=145983526810210&w=2 惠普:HPSBMU03573 URL: http://marc.info/?l=bugtraq&m=146133665209436&w=2 惠普:HPSBMU03575 URL: http://marc.info/?l=bugtraq&m=146108058503441&w=2 MISC: https://drownattack.com MISC: https://ics - cert.us cert.gov/advisories/icsa - 16 - 103 - 03 MISC: https://www.arista.com/en/support/advisories-notices/security-advisories/1260-security-advisory-18 红帽:RHSA-2016:1519 URL: http://rhn.redhat.com/errata/rhsa - 2016 - 1519. - html SECTRACK: 1035133 URL: http://www.securitytracker.com/id/1035133 SUSE: SUSE-SU-2016:0617 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html SUSE: SUSE-SU-2016:0620 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html SUSE: SUSE-SU-2016:0621 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html SUSE: SUSE-SU-2016:0624 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html SUSE: SUSE-SU-2016:0631 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html SUSE: SUSE-SU-2016:0641 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html SUSE: SUSE-SU-2016:0678 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html SUSE: SUSE-SU-2016:1057 URL: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html SUSE: openSUSE-SU-2016:0627 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html SUSE: openSUSE-SU-2016:0628 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html SUSE: openSUSE-SU-2016:0637 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html SUSE: openSUSE-SU-2016:0638 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html SUSE: openSUSE-SU-2016:0640 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html SUSE: openSUSE-SU-2016:0720 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html SUSE: openSUSE-SU-2016:1239 URL: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html SUSE: openSUSE-SU-2016:1241 URL: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html
分配中央社
红帽公司。
创建日期记录
20151216	免责声明:记录创建日期可能反映了CVE ID分配或保留的时候,,不一定表示当发现了这个漏洞,与受影响的供应商,在CVE公开披露,或更新。
阶段(遗留)
分配(20151216)
票(遗留)

评论(遗留)

提出(遗留)
N /一个
这是一个记录CVE列表,它提供了共同的标识符公开已知的网络安全漏洞。
CVE使用关键字搜索: 你也可以搜索参考使用CVE参考地图。
更多信息:CVE请求Web表单(从下拉框中选择“其他”)

回到顶部

cve - 2016 - 0800