Vulnerability & Exploit Database

Displaying entries 1 - 10 of 47 in total

Results for: CVE-2016-2186 Back to search

Oracle Solaris 11: CVE-2016-7055: Vulnerability in OpenSSL Vulnerability

  • Severity: 3
  • Published: May 04, 2017

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not us...

Juniper Junos OS: 2017-07 Security Bulletin: OpenSSL Security Advisory [26 Jan 2017] (JSA10775) (multiple CVEs) Vulnerability

  • Severity: 5
  • Published: May 04, 2017

If an SSL/TLS server or client is running on a 32-bit host, and a specific cipher is being used, then a truncated packet can cause that server or client to perform an out-of-bounds read, usually resulting in a crash. For OpenSSL 1.1.0, the crash can be triggered when using CHACHA20/POLY1305; users should upgrade to 1.1.0d. For Openssl 1....

Gentoo Linux: CVE-2016-7055: OpenSSL: Multiple vulnerabilities Vulnerability

  • Severity: 3
  • Published: May 04, 2017

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not us...

Alpine Linux: CVE-2016-7055: openssl Multiple issues Vulnerability

  • Severity: 3
  • Published: May 04, 2017

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not us...

OpenSSL Montgomery multiplication may produce incorrect results (CVE-2016-7055) Vulnerability

  • Severity: 3
  • Published: November 11, 2016

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not us...

SUSE: CVE-2016-7055: SUSE Linux Security Advisory Vulnerability

  • Severity: 3
  • Published: November 10, 2016

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is because the subroutine in question is not us...

SUSE: CVE-2016-6306: SUSE Linux Security Advisory Vulnerability

  • Severity: 4
  • Published: September 26, 2016

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.

Oracle Solaris 11: CVE-2016-6306: Vulnerability in MySQL, OpenSSL Vulnerability

  • Severity: 4
  • Published: September 26, 2016

The certificate parser in OpenSSL before 1.0.1u and 1.0.2 before 1.0.2i might allow remote attackers to cause a denial of service (out-of-bounds read) via crafted certificate operations, related to s3_clnt.c and s3_srvr.c.