ID CVE-2016-7056
Summary A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.
References
Vulnerable Configurations
  • OpenSSL 1.0.1u
    cpe:2.3:a:openssl:openssl:1.0.1u
  • Debian Linux 8.0 (Jessie)
    cpe:2.3:o:debian:debian_linux:8.0
  • Debian Linux 9.0
    cpe:2.3:o:debian:debian_linux:9.0
  • Red Hat Enterprise Linux 6.0
    cpe:2.3:o:redhat:enterprise_linux:6.0
  • Red Hat Enterprise Linux (RHEL) 7.0 (7)
    cpe:2.3:o:redhat:enterprise_linux:7.0
  • Canonical Ubuntu Linux 12.04 ESM (Extended Security Maintenance)
    cpe:2.3:o:canonical:ubuntu_linux:12.04:-:-:-:esm
  • Canonical Ubuntu Linux 14.04 LTS (Long-Term Support)
    cpe:2.3:o:canonical:ubuntu_linux:14.04:-:-:-:lts
CVSS
Base: 2.1
Impact:
Exploitability:
CWE CWE-320
CAPEC
nessus via4
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2018-168.NASL
    description This update for openssl-steam fixes the following issues : - Merged changes from upstream openssl (Factory rev 137) into this fork for Steam. Updated to openssl 1.0.2k : - CVE-2016-7055: Montgomery multiplication may produce incorrect results (boo#1009528) - CVE-2016-7056: ECSDA P-256 timing attack key recovery (boo#1019334) - CVE-2017-3731: Truncated packet could crash via OOB read (boo#1022085) - CVE-2017-3732: BN_mod_exp may produce incorrect results on x86_64 (boo#1022086) Update to openssl-1.0.2j : - CVE-2016-7052: Missing CRL sanity check (boo#1001148) OpenSSL Security Advisory [22 Sep 2016] (boo#999665) - Severity: High - CVE-2016-6304: OCSP Status Request extension unbounded memory growth (boo#999666) - Severity: Low - CVE-2016-2177: Pointer arithmetic undefined behaviour (boo#982575) - CVE-2016-2178: Constant time flag not preserved in DSA signing (boo#983249) - CVE-2016-2179: DTLS buffered message DoS (boo#994844) - CVE-2016-2180: OOB read in TS_OBJ_print_bio() (boo#990419) - CVE-2016-2181: DTLS replay protection DoS (boo#994749) - CVE-2016-2182: OOB write in BN_bn2dec() (boo#993819) - CVE-2016-2183: Birthday attack against 64-bit block ciphers (SWEET32) (boo#995359) - CVE-2016-6302: Malformed SHA512 ticket DoS (boo#995324) - CVE-2016-6303: OOB write in MDC2_Update() (boo#995377) - CVE-2016-6306: Certificate message OOB reads (boo#999668) ALso fixed : - fixed a crash in print_notice (boo#998190) - fix X509_CERT_FILE path (boo#1022271) and rename - resume reading from /dev/urandom when interrupted by a signal (boo#995075) - fix problems with locking in FIPS mode (boo#992120) - duplicates: boo#991877, boo#991193, boo#990392, boo#990428 and boo#990207 - drop openssl-fips_RSA_compute_d_with_lcm.patch (upstream) (boo#984323) - don't check for /etc/system-fips (boo#982268)
    last seen 2019-02-21
    modified 2018-02-16
    plugin id 106863
    published 2018-02-16
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106863
    title openSUSE Security Update : openssl-steam (openSUSE-2018-168)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1413.NASL
    description An update is now available for Red Hat JBoss Core Services on RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304) * It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack. (CVE-2016-0736) * It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication. (CVE-2016-2161) * A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys. (CVE-2016-7056) * A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610) * It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743) * A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash. (CVE-2016-8740) Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 117315
    published 2018-09-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117315
    title RHEL 7 : JBoss Core Services (RHSA-2017:1413)
  • NASL family MacOS X Local Security Checks
    NASL id MACOS_10_12_4.NASL
    description The remote host is running a version of macOS that is 10.12.x prior to 10.12.4. It is, therefore, affected by multiple vulnerabilities in multiple components, some of which are remote code execution vulnerabilities. An unauthenticated, remote attacker can exploit these remote code execution vulnerabilities by convincing a user to visit a specially crafted website, resulting in the execution of arbitrary code in the context of the current user. The affected components are as follows : - apache - apache_mod_php - AppleGraphicsPowerManagement - AppleRAID - Audio - Bluetooth - Carbon - CoreGraphics - CoreMedia - CoreText - curl - EFI - FinderKit - FontParser - HTTPProtocol - Hypervisor - iBooks - ImageIO - Intel Graphics Driver - IOATAFamily - IOFireWireAVC - IOFireWireFamily - Kernel - Keyboards - libarchive - libc++abi - LibreSSL - MCX Client - Menus - Multi-Touch - OpenSSH - OpenSSL - Printing - python - QuickTime - Security - SecurityFoundation - sudo - System Integrity Protection - tcpdump - tiffutil - WebKit
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 99134
    published 2017-03-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99134
    title macOS 10.12.x < 10.12.4 Multiple Vulnerabilities (httpoxy)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-561.NASL
    description This update for libressl to version 2.5.1 fixes the following issues : These security issues were fixed : - CVE-2016-0702: Prevent side channel attack on modular exponentiation (boo#968050). - CVE-2016-7056: Avoid a side-channel cache-timing attack that can leak the ECDSA private keys when signing (boo#1019334). These non-security issues were fixed : - Detect zero-length encrypted session data early - Curve25519 Key Exchange support. - Support for alternate chains for certificate verification. - Added EVP interface for MD5+SHA1 hashes - Fixed DTLS client failures when the server sends a certificate request. - Corrected handling of padding when upgrading an SSLv2 challenge into an SSLv3/TLS connection. - Allowed protocols and ciphers to be set on a TLS config object in libtls. For additional changes please refer to the changelog.
    last seen 2019-02-21
    modified 2019-01-18
    plugin id 100043
    published 2017-05-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100043
    title openSUSE Security Update : libressl (openSUSE-2017-561)
  • NASL family MacOS X Local Security Checks
    NASL id MACOSX_SECUPD2017-001.NASL
    description The remote host is running a version of Mac OS X 10.10.5 or 10.11.6 that is missing a security update. It is therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists in the LibreSSL component due to a flaw in the ECDSA implementation that is triggered when not properly setting a flag in ECDSA signing nonces to indicate that only constant-time code paths should be followed. An unauthenticated, remote attacker can exploit this to conduct side-channel cache-timing attacks, allowing the attacker to recover the modular inversion state sequences and the ECDSA private keys. Note that this vulnerability does not affect Mac OS X 10.10.5. (CVE-2016-7056) - An integer overflow condition exists in the ImageIO component due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, by convincing a user to open a specially crafted JPEG file, to cause a denial of service condition or the execution of arbitrary code. (CVE-2017-2432) - Multiple memory corruption issues exist in the libxslt component that allow an unauthenticated, remote attacker to cause a denial of service condition or the execution of arbitrary code. (CVE-2017-2477) - An integer overflow condition exists in the libxslt component in the xsltAddTextString() function in transform.c. An unauthenticated, remote attacker can exploit this, by convincing a user to open a specially crafted file, to cause an out-of-bounds write, potentially allowing the execution of arbitrary code. (CVE-2017-5029)
    last seen 2019-02-21
    modified 2018-07-14
    plugin id 99135
    published 2017-03-31
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=99135
    title Mac OS X Multiple Vulnerabilities (Security Update 2017-001
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DLA-814.NASL
    description Several vulnerabilities were discovered in OpenSSL : CVE-2016-7056 A local timing attack was discovered against ECDSA P-256. CVE-2016-8610 It was discovered that no limit was imposed on alert packets during an SSL handshake. CVE-2017-3731 Robert Swiecki discovered that the RC4-MD5 cipher when running on 32 bit systems could be forced into an out-of-bounds read, resulting in denial of service. For Debian 7 'Wheezy', these problems have been fixed in version 1.0.1t-1+deb7u2. We recommend that you upgrade your openssl packages. NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-07-09
    plugin id 96931
    published 2017-02-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96931
    title Debian DLA-814-1 : openssl security update
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0585-1.NASL
    description This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641) Security issues fixed : - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334) - CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878) - degrade 3DES to MEDIUM in SSL2 (bsc#1001912) - CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499) Bugs fixed : - fix crash in openssl speed (bsc#1000677) - don't attempt session resumption if no ticket is present and session ID length is zero (bsc#984663) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 97494
    published 2017-03-02
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97494
    title SUSE SLES11 Security Update : openssl (SUSE-SU-2017:0585-1)
  • NASL family Ubuntu Local Security Checks
    NASL id UBUNTU_USN-3181-1.NASL
    description Guido Vranken discovered that OpenSSL used undefined behaviour when performing pointer arithmetic. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS as other releases were fixed in a previous security update. (CVE-2016-2177) It was discovered that OpenSSL did not properly handle Montgomery multiplication, resulting in incorrect results leading to transient failures. This issue only applied to Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7055) It was discovered that OpenSSL did not properly use constant-time operations when performing ECDSA P-256 signing. A remote attacker could possibly use this issue to perform a timing attack and recover private ECDSA keys. This issue only applied to Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-7056) Shi Lei discovered that OpenSSL incorrectly handled certain warning alerts. A remote attacker could possibly use this issue to cause OpenSSL to stop responding, resulting in a denial of service. (CVE-2016-8610) Robert Swiecki discovered that OpenSSL incorrectly handled certain truncated packets. A remote attacker could possibly use this issue to cause OpenSSL to crash, resulting in a denial of service. (CVE-2017-3731) It was discovered that OpenSSL incorrectly performed the x86_64 Montgomery squaring procedure. While unlikely, a remote attacker could possibly use this issue to recover private keys. This issue only applied to Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2017-3732). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 96927
    published 2017-02-01
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96927
    title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : openssl vulnerabilities (USN-3181-1)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0461-1.NASL
    description This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641) Security issues fixed : - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334) - CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878) - CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499) - CVE-2017-3731: Truncated packet could crash via OOB read (bsc#1022085, CVE-2017-3731) - Degrade the 3DES cipher to MEDIUM in SSLv2 (bsc#1001912) Bugs fixed : - fix crash in openssl speed (bsc#1000677) - fix ca-bundle path (bsc#1022271) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-11-30
    plugin id 97188
    published 2017-02-15
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97188
    title SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2017:0461-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-560.NASL
    description This update for libressl to version 2.5.1 fixes the following issues : These security issues were fixed : - CVE-2016-0702: Prevent side channel attack on modular exponentiation (boo#968050). - CVE-2016-7056: Avoid a side-channel cache-timing attack that can leak the ECDSA private keys when signing (boo#1019334). These non-security issues were fixed : - Detect zero-length encrypted session data early - Curve25519 Key Exchange support. - Support for alternate chains for certificate verification. - Added EVP interface for MD5+SHA1 hashes - Fixed DTLS client failures when the server sends a certificate request. - Corrected handling of padding when upgrading an SSLv2 challenge into an SSLv3/TLS connection. - Allowed protocols and ciphers to be set on a TLS config object in libtls.
    last seen 2019-02-21
    modified 2019-01-18
    plugin id 100042
    published 2017-05-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=100042
    title openSUSE Security Update : libressl (openSUSE-2017-560)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2017-0605-1.NASL
    description This update for compat-openssl098 fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641) Security issues fixed : - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334) - CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878) - degrade 3DES to MEDIUM in SSL2 (bsc#1001912) - CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499) Bugs fixed : - fix crash in openssl speed (bsc#1000677) - don't attempt session resumption if no ticket is present and session ID length is zero (bsc#984663) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2019-01-02
    plugin id 97550
    published 2017-03-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97550
    title SUSE SLED12 / SLES12 Security Update : compat-openssl098 (SUSE-SU-2017:0605-1)
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-222.NASL
    description This update for libressl fixes the following issues : - CVE-2016-7056: Difficult to execute cache timing attack that may have allowed a local user to recover the private part from ECDSA P-256 keys (boo#1019334)
    last seen 2019-02-21
    modified 2019-01-18
    plugin id 97076
    published 2017-02-09
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97076
    title openSUSE Security Update : libressl (openSUSE-2017-222)
  • NASL family SuSE Local Security Checks
    NASL id SUSE_SU-2018-0112-1.NASL
    description This update for openssl fixes the following issues: Security issues fixed : - CVE-2016-7056: ECSDA P-256 timing attack key recovery (bsc#1019334) - CVE-2017-3731: Truncated packet could crash via OOB read (bsc#1022085) - CVE-2016-8610: remote denial of service in SSL alert handling (bsc#1005878) - CVE-2017-3735: Malformed X.509 IPAdressFamily could cause OOB read (bsc#1056058) Bug fixes : - support alternate root ca chains (bsc#1032261) - X509_get_default_cert_file() returns an incorrect path (bsc#1022271) - Segmentation fault in 'openssl speed' when engine library file cannot be found (bsc#1000677) - adjust DEFAULT_SUSE to meet 1.0.2 and current state (bsc#1027908) - Missing important ciphers in openssl 1.0.1i-47.1 on SLES12 SP1 (bsc#990592) - out of bounds read+crash in DES_fcrypt (bsc#1065363) - tracker bug for January 26th 2017 release (bsc#1021641) - patch for CVE-2016-2108 fails negative zero exploit (bsc#1001502) - Birthday attacks on 64-bit block ciphers aka triple-des (SWEET32) (bsc#1001912) - Include additional patch for CVE-2016-2108 (bsc#1004499) - openssl DEFAULT_SUSE cipher list is missing ECDHE-ECDSA ciphers (bsc#1055825) Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen 2019-02-21
    modified 2018-12-01
    plugin id 106093
    published 2018-01-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=106093
    title SUSE SLES12 Security Update : openssl (SUSE-SU-2018:0112-1)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-3773.NASL
    description Several vulnerabilities were discovered in OpenSSL : - CVE-2016-7056 A local timing attack was discovered against ECDSA P-256. - CVE-2016-8610 It was discovered that no limit was imposed on alert packets during an SSL handshake. - CVE-2017-3731 Robert Swiecki discovered that the RC4-MD5 cipher when running on 32 bit systems could be forced into an out-of-bounds read, resulting in denial of service.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 96842
    published 2017-01-30
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96842
    title Debian DSA-3773-1 : openssl - security update
  • NASL family SuSE Local Security Checks
    NASL id OPENSUSE-2017-255.NASL
    description This update for openssl fixes the following issues contained in the OpenSSL Security Advisory [26 Jan 2017] (bsc#1021641) Security issues fixed : - CVE-2016-7056: A local ECSDA P-256 timing attack that might have allowed key recovery was fixed (bsc#1019334) - CVE-2016-8610: A remote denial of service in SSL alert handling was fixed (bsc#1005878) - CVE-2016-2108: Added a missing commit for CVE-2016-2108, fixing the negative zero handling in the ASN.1 decoder (bsc#1004499) - CVE-2017-3731: Truncated packet could crash via OOB read (bsc#1022085, CVE-2017-3731) - Degrade the 3DES cipher to MEDIUM in SSLv2 (bsc#1001912) Bugs fixed : - fix crash in openssl speed (bsc#1000677) - fix ca-bundle path (bsc#1022271) This update was imported from the SUSE:SLE-12-SP1:Update update project.
    last seen 2019-02-21
    modified 2017-07-20
    plugin id 97275
    published 2017-02-21
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=97275
    title openSUSE Security Update : openssl (openSUSE-2017-255)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1414.NASL
    description An update is now available for Red Hat JBoss Core Services on RHEL 6. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1 serves as a replacement for Red Hat JBoss Core Services Apache HTTP Server 2.4.23, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * A memory leak flaw was found in the way OpenSSL handled TLS status request extension data during session renegotiation. A remote attacker could cause a TLS server using OpenSSL to consume an excessive amount of memory and, possibly, exit unexpectedly after exhausting all available memory, if it enabled OCSP stapling support. (CVE-2016-6304) * It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decrypt and modify session data using a padding oracle attack. (CVE-2016-0736) * It was discovered that the mod_auth_digest module of httpd did not properly check for memory allocation failures. A remote attacker could use this flaw to cause httpd child processes to repeatedly crash if the server used HTTP digest authentication. (CVE-2016-2161) * A timing attack flaw was found in OpenSSL that could allow a malicious user with local access to recover ECDSA P-256 private keys. (CVE-2016-7056) * A denial of service flaw was found in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients. (CVE-2016-8610) * It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If httpd was used in conjunction with a proxy or backend server that interpreted those characters differently, a remote attacker could possibly use this flaw to inject data into HTTP responses, resulting in proxy cache poisoning. (CVE-2016-8743) * A vulnerability was found in httpd's handling of the LimitRequestFields directive in mod_http2, affecting servers with HTTP/2 enabled. An attacker could send crafted requests with headers larger than the server's available memory, causing httpd to crash. (CVE-2016-8740) Red Hat would like to thank the OpenSSL project for reporting CVE-2016-6304 and Shi Lei (Gear Team of Qihoo 360 Inc.) for reporting CVE-2016-8610. Upstream acknowledges Shi Lei (Gear Team of Qihoo 360 Inc.) as the original reporter of CVE-2016-6304.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 117316
    published 2018-09-06
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=117316
    title RHEL 6 : JBoss Core Services (RHSA-2017:1414)
  • NASL family Red Hat Local Security Checks
    NASL id REDHAT-RHSA-2017-1801.NASL
    description An update is now available for Red Hat JBoss Web Server 3.1 for RHEL 6 and Red Hat JBoss Web Server 3.1 for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector (mod_jk), JBoss HTTP Connector (mod_cluster), Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1 Service Pack 1 serves as a replacement for Red Hat JBoss Web Server 3.1, and includes bug fixes, which are documented in the Release Notes document linked to in the References. Security Fix(es) : * It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. An attacker could use this flaw to send a specially crafted log event that, during deserialization, would execute arbitrary code in the context of the logger application. (CVE-2017-5645) * A vulnerability was discovered in tomcat's handling of pipelined requests when 'Sendfile' was used. If sendfile processing completed quickly, it was possible for the Processor to be added to the processor cache twice. This could lead to invalid responses or information disclosure. (CVE-2017-5647) * A vulnerability was discovered in the error page mechanism in Tomcat's DefaultServlet implementation. A crafted HTTP request could cause undesired side effects, possibly including the removal or replacement of the custom error page. (CVE-2017-5664) * A vulnerability was discovered in tomcat. When running an untrusted application under a SecurityManager it was possible, under some circumstances, for that application to retain references to the request or response objects and thereby access and/or modify information associated with another web application. (CVE-2017-5648)
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 112177
    published 2018-08-29
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=112177
    title RHEL 6 / 7 : Red Hat JBoss Web Server 3.1.0 Service Pack 1 (RHSA-2017:1801)
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_7CAEBE30D7F111E6A9A5B499BAEBFEAF.NASL
    description Cesar Pereida Garcia reports : The signing function in crypto/ecdsa/ecdsa_ossl.c in certain OpenSSL versions and forks is vulnerable to timing attacks when signing with the standardized elliptic curve P-256 despite featuring constant-time curve operations and modular inversion. A software defect omits setting the BN_FLG_CONSTTIME flag for nonces, failing to take a secure code path in the BN_mod_inverse method and therefore resulting in a cache-timing attack vulnerability. A malicious user with local access can recover ECDSA P-256 private keys.
    last seen 2019-02-21
    modified 2019-01-18
    plugin id 96412
    published 2017-01-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=96412
    title FreeBSD : openssl -- timing attack vulnerability (7caebe30-d7f1-11e6-a9a5-b499baebfeaf)
redhat via4
advisories
  • rhsa
    id RHSA-2017:1413
  • rhsa
    id RHSA-2017:1414
  • rhsa
    id RHSA-2017:1415
  • rhsa
    id RHSA-2017:1801
  • rhsa
    id RHSA-2017:1802
refmap via4
bid 95375
confirm
debian DSA-3773
misc https://eprint.iacr.org/2016/1195
mlist [oss-security] 20170110 CVE-2016-7056 ECDSA P-256 timing attack key recovery (OpenSSL, LibreSSL, BoringSSL)
sectrack 1037575
Last major update 10-09-2018 - 12:29
Published 10-09-2018 - 12:29
Last modified 22-04-2019 - 13:48
Back to Top