Lucene search
Ubuntu.comUB:CVE-2016-2109HistoryApr 25, 2016 - 12:00 a.m.
CVE-2016-2109
2016-04-2500:00:00
ubuntu.com
ubuntu.com
23
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.842 High
EPSS
Percentile
98.5%
The asn1_d2i_read_bio function in crypto/asn1/a_d2i_fp.c in the ASN.1 BIO
implementation in OpenSSL before 1.0.1t and 1.0.2 before 1.0.2h allows
remote attackers to cause a denial of service (memory consumption) via a
short invalid encoding.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| ubuntu | 17.10 | noarch | openssl | < 1.0.2g-1ubuntu5 | UNKNOWN |
| ubuntu | 18.04 | noarch | openssl | < 1.0.2g-1ubuntu5 | UNKNOWN |
| ubuntu | 18.10 | noarch | openssl | < 1.0.2g-1ubuntu5 | UNKNOWN |
| ubuntu | 19.04 | noarch | openssl | < 1.0.2g-1ubuntu5 | UNKNOWN |
| ubuntu | 12.04 | noarch | openssl | < 1.0.1-4ubuntu5.36 | UNKNOWN |
| ubuntu | 14.04 | noarch | openssl | < 1.0.1f-1ubuntu2.19 | UNKNOWN |
| ubuntu | 15.10 | noarch | openssl | < 1.0.2d-0ubuntu1.5 | UNKNOWN |
| ubuntu | 16.04 | noarch | openssl | < 1.0.2g-1ubuntu4.1 | UNKNOWN |
| ubuntu | 16.10 | noarch | openssl | < 1.0.2g-1ubuntu5 | UNKNOWN |
| ubuntu | 17.04 | noarch | openssl | < 1.0.2g-1ubuntu5 | UNKNOWN |
Related
cve
cve
CVE-2016-2109
2016-05-05 01:59:00
nessus
nessus
F5 Networks BIG-IP : OpenSSL vulnerability (K23230229)
2016-11-21 00:00:00
Blue Coat ProxySG 6.5.x < 6.5.9.8 / 6.6.x < 6.6.4.1 Multiple OpenSSL Vulnerabilities
2016-09-08 00:00:00
EulerOS 2.0 SP3 : openssl098e (EulerOS-SA-2019-2271)
2019-11-08 00:00:00
hackerone
hackerone
Internet Bug Bounty: ASN.1 BIO excessive memory allocation (CVE-2016-2109)
2016-04-26 22:31:48
f5
f5
K23230229 : OpenSSL vulnerability CVE-2016-2109
2016-05-07 00:00:00
SOL23230229 - OpenSSL vulnerability CVE-2016-2109
2016-05-06 00:00:00
K07538415 : Multiple OpenSSL vulnerabilities
2016-05-04 00:00:00
prion
prion
Information disclosure
2016-05-05 01:59:00
osv
osv
CVE-2016-2109
2016-05-05 01:59:00
openssl - security update
2016-05-03 00:00:00
openssl - security update
2016-05-03 00:00:00
openssl
openssl
Vulnerability in OpenSSL CVE-2016-2109
2016-05-03 00:00:00
debiancve
debiancve
CVE-2016-2109
2016-05-05 01:59:00
veracode
veracode
Denial Of Service (DoS)
2017-01-27 02:30:54
alpinelinux
alpinelinux
CVE-2016-2109
2016-05-05 01:59:00
ibm
ibm
openvas
openvas
Huawei EulerOS: Security Advisory for openssl098e (EulerOS-SA-2019-2271)
2020-01-23 00:00:00
Mageia: Security Advisory (MGASA-2016-0169)
2016-05-09 00:00:00
SUSE: Security Advisory (SUSE-SU-2016:1228-1)
2021-04-19 00:00:00
oraclelinux
oraclelinux
openssl security update
2016-06-21 00:00:00
openssl security update
2016-05-09 00:00:00
openssl-fips security update
2016-06-15 00:00:00
suse
suse
Security update for compat-openssl097g (important)
2016-05-04 18:08:19
Security update for openssl (important)
2016-05-05 13:11:19
Security update for openssl (important)
2016-05-05 18:08:51
mageia
mageia
Updated openssl packages fix security vulnerability
2016-05-08 00:22:48
paloalto
paloalto
OpenSSL Vulnerabilities
2016-09-02 00:00:00
ubuntu
ubuntu
OpenSSL vulnerabilities
2016-05-03 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-16:17.openssl
2016-05-04 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 8 package openssl10 version 1.0.2h-alt1
2016-05-04 00:00:00
Security fix for the ALT Linux 9 package openssl10 version 1.0.2h-alt1
2016-05-03 00:00:00
cloudfoundry
cloudfoundry
USN-2959-1 OpenSSL vulnerabilities | Cloud Foundry
2016-05-06 00:00:00
aix
aix
Vulnerabilities in OpenSSL affect AIX
2016-07-12 14:14:43
amazon
amazon
Important: openssl
2016-05-03 10:30:00
nodejsblog
nodejsblog
OpenSSL updates, 1.0.1t and 1.0.2h
2016-05-02 00:00:00
slackware
slackware
[slackware-security] openssl
2016-05-03 21:05:31
debian
debian
[SECURITY] [DLA 456-1] openssl security update
2016-05-03 20:53:46
[SECURITY] [DSA 3566-1] openssl security update
2016-05-03 18:24:21
freebsd
freebsd
OpenSSL -- multiple vulnerabilities
2016-05-03 00:00:00
fortinet
fortinet
OpenSSL Advisory - May 2016
2016-09-22 00:00:00
archlinux
archlinux
openssl: multiple issues
2016-05-04 00:00:00
lib32-openssl: multiple issues
2016-05-04 00:00:00
huawei
huawei
Security Advisory - Multiple Vulnerabilities in OpenSSL in May 2016
2016-07-06 00:00:00
arista
arista
Security Advisory 0020
2016-05-06 00:00:00
cisco
cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016
2016-05-04 19:30:00
fedora
fedora
[SECURITY] Fedora 23 Update: mingw-openssl-1.0.2h-1.fc23
2016-05-21 00:02:56
[SECURITY] Fedora 24 Update: mingw-openssl-1.0.2h-1.fc24
2016-05-16 17:21:44
centos
centos
openssl security update
2016-05-16 10:25:52
openssl security update
2016-05-09 08:40:50
redhat
redhat
(RHSA-2016:0722) Important: openssl security update
2016-05-09 04:44:04
(RHSA-2016:0996) Important: openssl security update
2016-05-10 07:00:21
(RHSA-2016:2073) Important: openssl security update
2016-10-18 06:21:20
symantec
symantec
SA123 : OpenSSL Vulnerabilities 3-May-2016
2016-05-09 08:00:00
gentoo
gentoo
OpenSSL: Multiple vulnerabilities
2016-12-07 00:00:00
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.8 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:N/I:N/A:C
0.842 High
EPSS
Percentile
98.5%
Related for UB:CVE-2016-2109