CVE-2016-2217 - The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the

CVE-2016-2217

Summary

The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret.

References

Vulnerable Configurations

cpe:2.3:a:dest-unreach:socat:1.7.3.0:*:*:*:*:*:*:*
cpe:2.3:a:dest-unreach:socat:1.7.3.0:*:*:*:*:*:*:*
cpe:2.3:a:dest-unreach:socat:2.0.0:b8:*:*:*:*:*:*
cpe:2.3:a:dest-unreach:socat:2.0.0:b8:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 01-07-2017 - 01:29)
Impact:
Exploitability:

CWE

CWE-320

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
PARTIAL	NONE	NONE

cvss-vector via4

AV:N/AC:L/Au:N/C:P/I:N/A:N

refmap via4

confirm	http://www.dest-unreach.org/socat/contrib/socat-secadv7.html
gentoo	GLSA-201612-23
mlist	[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus [oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus

Last major update

01-07-2017 - 01:29

Published

30-01-2017 - 22:59

Last modified

01-07-2017 - 01:29