Lucene search

[email protected]CVE-2016-0777

HistoryJan 14, 2016 - 10:59 p.m.

CVE-2016-0777

2016-01-1422:59:01

CWE-200

[email protected]

web.nvd.nist.gov

2874

openssh

cve-2016-0777

memory leak

private keys

remote servers

information security

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

62.0%

JSON

The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key.

Affected configurations

NVD

Node

sophosunified_threat_management_softwareMatch9.318

sophosunified_threat_management_softwareMatch9.353

AND

sophosunified_threat_managementMatch110

sophosunified_threat_managementMatch120

sophosunified_threat_managementMatch220

sophosunified_threat_managementMatch320

sophosunified_threat_managementMatch425

sophosunified_threat_managementMatch525

sophosunified_threat_managementMatch625

Node

oraclelinuxMatch7

oraclesolarisMatch11.3

Node

openbsdopensshMatch5.0

openbsdopensshMatch5.0p1

openbsdopensshMatch5.1

openbsdopensshMatch5.1p1

openbsdopensshMatch5.2

openbsdopensshMatch5.2p1

openbsdopensshMatch5.3

openbsdopensshMatch5.3p1

openbsdopensshMatch5.4

openbsdopensshMatch5.4p1

openbsdopensshMatch5.5

openbsdopensshMatch5.5p1

openbsdopensshMatch5.6

openbsdopensshMatch5.6p1

openbsdopensshMatch5.7

openbsdopensshMatch5.7p1

openbsdopensshMatch5.8

openbsdopensshMatch5.8p1

openbsdopensshMatch5.9

openbsdopensshMatch5.9p1

openbsdopensshMatch6.0

openbsdopensshMatch6.0p1

openbsdopensshMatch6.1

openbsdopensshMatch6.1p1

openbsdopensshMatch6.2

openbsdopensshMatch6.2p1

openbsdopensshMatch6.2p2

openbsdopensshMatch6.3

openbsdopensshMatch6.3p1

openbsdopensshMatch6.4

openbsdopensshMatch6.4p1

openbsdopensshMatch6.5

openbsdopensshMatch6.5p1

openbsdopensshMatch6.6

openbsdopensshMatch6.6p1

openbsdopensshMatch6.7

openbsdopensshMatch6.7p1

openbsdopensshMatch6.8

openbsdopensshMatch6.8p1

openbsdopensshMatch6.9

openbsdopensshMatch6.9p1

openbsdopensshMatch7.0

openbsdopensshMatch7.0p1

openbsdopensshMatch7.1

openbsdopensshMatch7.1p1

Node

hpremote_device_access_virtual_customer_access_systemRange≤15.07

Node

applemac_os_xRange≤10.11.3

CPENameOperatorVersion
sophos:unified_threat_management_softwaresophos unified threat management softwareeq9.318
sophos:unified_threat_management_softwaresophos unified threat management softwareeq9.353

CPE	Name	Operator	Version
sophos:unified_threat_management_software	sophos unified threat management software	eq	9.318
sophos:unified_threat_management_software	sophos unified threat management software	eq	9.353

References

kb.juniper.net/InfoCenter/index?page=content&id=JSA10734

lists.apple.com/archives/security-announce/2016/Mar/msg00004.html

lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html

lists.fedoraproject.org/pipermail/package-announce/2016-January/175592.html

lists.fedoraproject.org/pipermail/package-announce/2016-January/175676.html

lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html

lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html

packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html

seclists.org/fulldisclosure/2016/Jan/44

www.debian.org/security/2016/dsa-3446

www.openssh.com/txt/release-7.1p2

www.openwall.com/lists/oss-security/2016/01/14/7

www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

www.securityfocus.com/archive/1/537295/100/0/threaded

www.securityfocus.com/bid/80695

www.securitytracker.com/id/1034671

www.ubuntu.com/usn/USN-2869-1

blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/

blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/

bto.bluecoat.com/security-advisory/sa109

cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680

h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

security.FreeBSD.org/advisories/FreeBSD-SA-16:07.openssh.asc

security.gentoo.org/glsa/201601-01

support.apple.com/HT206167

Social References

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

6.4 Medium

AI Score

Confidence

High

4 Medium

CVSS2

Access Vector

Access Complexity

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

0.002 Low

EPSS

Percentile

62.0%

JSON

CVE-2016-0777

Affected configurations

References

Social References

Related