CVE - CVE - 2016 - 0704

CVE-ID
cve - 2016 - 0704	了解更多国家漏洞数据库(NVD) •CVSS严重性评级•修复信息•••CPE SCAP映射脆弱的软件版本信息
描述
oracle保护机制在s2_srvr get_client_master_key函数。c在OpenSSL SSLv2的站点时实现0.9.8zf之前,1.0.0 1.0.0r之前,1.0.1 1.0.1m之前,期间和1.0.2 1.0.2a覆盖之前错误的主密钥字节使用出口密码套件,这使得它更容易为远程攻击者利用TLS密文进行解密数据Bleichenbacher RSA padding oracle, cve - 2016 - 0800的相关问题。
引用
注意:引用为方便读者提供帮助区分漏洞。并不是完整列表。
报价:83764 URL: http://www.securityfocus.com/bid/83764 思科:20160302多个漏洞OpenSSL影响思科产品:2016年3月 URL: http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco - sa - 20160302 - openssl 确认:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 确认:http://openssl.org/news/万博下载包secadv/20160301.txt 确认:http://www.oracle.com/technetwork/security - advisory/cpujan2018 - 3236628. - html 确认:http://www.oracle.com/technetwork/topics/security/bulletinapr2016 - 2952098. - html 确认:http://www.oracle.com/technetwork/topics/security/bulletinjan2016 - 2867206. - html 确认:http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016 - 2867209. - html 确认:https://cert - portal.siemens.com/productcert/pdf/ssa - 412672. - pdf 确认:https://git.openssl.org/?p=openssl.git; =提交;h = ae50d8270026edf5b3c7f8aaa0c6677462b33d97 确认:https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us 确认:https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 确认:https://www.openssl.org/news/万博下载包secadv/20160301.txt FREEBSD: FreeBSD-SA-16:12 URL: https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc GENTOO: glsa - 201603 - 15所示 URL: https://security.gentoo.org/glsa/201603-15 MISC: https://drownattack.com SECTRACK: 1035133 URL: http://www.securitytracker.com/id/1035133 SUSE: SUSE-SU-2016:0617 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html SUSE: SUSE-SU-2016:0620 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html SUSE: SUSE-SU-2016:0621 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html SUSE: SUSE-SU-2016:0624 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html SUSE: SUSE-SU-2016:0631 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html SUSE: SUSE-SU-2016:0641 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html SUSE: SUSE-SU-2016:0678 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00017.html SUSE: SUSE-SU-2016:1057 URL: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html SUSE: openSUSE-SU-2016:0628 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html SUSE: openSUSE-SU-2016:0637 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html SUSE: openSUSE-SU-2016:0638 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html SUSE: openSUSE-SU-2016:0720 URL: http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html
分配中央社
红帽公司。
创建日期记录
20151216	免责声明:记录创建日期可能反映了CVE ID分配或保留的时候,,不一定表示当发现了这个漏洞,与受影响的供应商,在CVE公开披露,或更新。
阶段(遗留)
分配(20151216)
票(遗留)

评论(遗留)

提出(遗留)
N /一个
这是一个记录CVE列表,它提供了共同的标识符公开已知的网络安全漏洞。
CVE使用关键字搜索: 你也可以搜索参考使用CVE参考地图。
更多信息:CVE请求Web表单(从下拉框中选择“其他”)

回到顶部

cve - 2016 - 0704