Back to search

Cisco NX-OS: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 (Multiple CVEs)

Severity	CVSS	Published	Added	Modified
8	(AV:N/AC:L/Au:N/C:N/I:N/A:C)	September 26, 2016	January 05, 2017	March 21, 2018

Description

Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.

Free Nexpose Download

Discover, prioritize, and remediate security risks today!

Download now

Solution

update-nxos

Related Vulnerabilities

Cisco ASA: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl) (CVE-2016-2183)
Gentoo Linux: CVE-2016-2177: OpenSSL: Multiple vulnerabilities
SUSE: CVE-2016-2183: SUSE Linux Security Advisory
Oracle Linux: (CVE-2016-2181) ELSA-2016-1940: openssl security update
IBM AIX: openssl_advisory21 (CVE-2016-6306): Vulnerabilities in OpenSSL affects AIX
SUSE: CVE-2016-6306: SUSE Linux Security Advisory
Huawei EulerOS: CVE-2016-2183: python security update
Oracle Solaris 11: CVE-2016-2180: Vulnerability in MySQL, OpenSSL
CentOS: (CVE-2016-2180) CESA-2016:1940: openssl
Java CPU January 2017 Java SE, Java SE Embedded Libraries vulnerability (CVE-2016-2183)
Amazon Linux AMI: CVE-2016-6304: Security patch for openssl (ALAS-2016-749)
OpenSSL DTLS buffered message DoS (CVE-2016-2179)
Ubuntu: (Multiple Advisories) (CVE-2016-2177): OpenSSL vulnerabilities
Debian: CVE-2016-2179: openssl -- security update
Amazon Linux AMI: CVE-2016-6306: Security patch for openssl (ALAS-2016-755)
Huawei EulerOS: CVE-2016-2181: openssl security update
Gentoo Linux: CVE-2016-6306: OpenSSL: Multiple vulnerabilities
Red Hat: CVE-2016-2180: Important: openssl security update (RHSA-2016:1940)
Alpine Linux: CVE-2016-6306: openssl Security issues
FreeBSD: VID-43EAA656-80BC-11E6-BF52-B499BAEBFEAF (CVE-2016-6306): OpenSSL -- multiple vulnerabilities
CentOS: (CVE-2016-2177) CESA-2016:1940: openssl
F5 Networks: K90492697 (CVE-2016-6306): OpenSSL vulnerability CVE-2016-6306
Oracle Linux: (CVE-2016-2179) ELSA-2016-1940: openssl security update
TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32)
F5 Networks: K13167034 (CVE-2016-2183): OpenSSL vulnerability CVE-2016-2183
Huawei EulerOS: CVE-2016-2179: openssl security update
Oracle Solaris 11: CVE-2016-6304: Vulnerability in MySQL, OpenSSL
Debian: CVE-2016-2180: openssl -- security update
HP-UX: CVE-2016-2183: HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities
OpenSSL OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
Debian: CVE-2016-2183: openssl -- security update
Ubuntu: USN-3087-1 (CVE-2016-6306): OpenSSL vulnerabilities
Oracle Solaris 11: CVE-2016-2177: Vulnerability in MySQL, OpenSSL
Ubuntu: USN-3087-1 (CVE-2016-2180): OpenSSL vulnerabilities
Red Hat: CVE-2016-6304: Important: openssl security update ((Multiple Advisories))
IBM AIX: openssl_advisory21 (CVE-2016-2179): Vulnerabilities in OpenSSL affects AIX
Debian: CVE-2016-6306: openssl -- security update
IBM AIX: openssl_advisory21 (CVE-2016-6304): Vulnerabilities in OpenSSL affects AIX
FreeBSD: VID-43EAA656-80BC-11E6-BF52-B499BAEBFEAF (CVE-2016-2181): OpenSSL -- multiple vulnerabilities
Oracle Linux: (CVE-2016-2180) ELSA-2016-1940: openssl security update
OS X update for LibreSSL (CVE-2016-6304)
Huawei EulerOS: CVE-2016-6306: openssl security update
Amazon Linux AMI: CVE-2016-2179: Security patch for openssl (ALAS-2016-755)
Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
Alpine Linux: CVE-2016-2181: openssl Multiple issues
Cisco ASA: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl) (CVE-2016-2181)
Gentoo Linux: CVE-2016-2183: Oracle JRE/JDK: Multiple vulnerabilities
CentOS: (CVE-2016-6304) CESA-2016:1940: openssl
Amazon Linux AMI: CVE-2016-2181: Security patch for openssl (ALAS-2016-755)
Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 7
Gentoo Linux: CVE-2016-2180: OpenSSL: Multiple vulnerabilities
F5 Networks: K23873366 (CVE-2016-2177): OpenSSL vulnerability CVE-2016-2177
Huawei EulerOS: CVE-2016-2180: openssl security update
Debian: CVE-2016-2181: openssl -- security update
Red Hat: CVE-2016-6306: Important: openssl security update (RHSA-2016:1940)
FreeBSD: (Multiple Advisories) (CVE-2016-2177): OpenSSL -- multiple vulnerabilities
Oracle Solaris 11: CVE-2016-2183: Vulnerability in MySQL, OpenSSL
SUSE: CVE-2016-2180: SUSE Linux Security Advisory
IBM AIX: openssl_advisory21 (CVE-2016-2181): Vulnerabilities in OpenSSL affects AIX
Ubuntu: USN-3087-1 (CVE-2016-6304): OpenSSL vulnerabilities
OpenSSL Certificate message OOB reads (CVE-2016-6306)
OpenSSL Pointer arithmetic undefined behaviour (CVE-2016-2177)
Cisco ASA: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl) (CVE-2016-2177)
Ubuntu: USN-3087-1 (CVE-2016-2181): OpenSSL vulnerabilities
FreeBSD: openssl -- denial of service (CVE-2016-2177)
SUSE: CVE-2016-2179: SUSE Linux Security Advisory
SUSE: CVE-2016-2177: SUSE Linux Security Advisory
Cisco SAN-OS: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 (Multiple CVEs)
Gentoo Linux: CVE-2016-6304: OpenSSL: Multiple vulnerabilities
Amazon Linux AMI: CVE-2016-2177: Security patch for openssl (ALAS-2016-755)
Cisco ASA: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl) (CVE-2016-6304)
Cisco ASA: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl) (CVE-2016-2179)
F5 Networks: K54211024 (CVE-2016-6304): OpenSSL vulnerability CVE-2016-6304
Red Hat: CVE-2016-2181: Important: openssl security update (RHSA-2016:1940)
Oracle Linux: (CVE-2016-6304) ELSA-2016-1940: openssl security update
Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 4
Cisco ASA: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl) (CVE-2016-2180)
F5 Networks: K23512141 (CVE-2016-2179): OpenSSL vulnerability CVE-2016-2179
Red Hat: CVE-2016-2177: Important: openssl security update (RHSA-2016:1940)
FreeBSD: VID-43EAA656-80BC-11E6-BF52-B499BAEBFEAF (CVE-2016-2179): OpenSSL -- multiple vulnerabilities
OS X update for OpenSSL (CVE-2016-6304)
OpenSSL DTLS replay protection DoS (CVE-2016-2181)
F5 Networks: K59298921 (CVE-2016-2181): OpenSSL vulnerability CVE-2016-2181
Alpine Linux: CVE-2016-6304: openssl Security issues
Oracle Solaris 11: CVE-2016-6306: Vulnerability in MySQL, OpenSSL
Red Hat: CVE-2016-2183: Moderate: java-1.8.0-ibm security update ((Multiple Advisories))
Alpine Linux: CVE-2016-2177: openssl Security issues
Huawei EulerOS: CVE-2016-2177: openssl security update
F5 Networks: K02652550 (CVE-2016-2180): OpenSSL vulnerability CVE-2016-2180
Oracle Linux: (CVE-2016-6306) (Multiple Advisories): openssl security update
SUSE: CVE-2016-6304: SUSE Linux Security Advisory
IBM AIX: java_jan2017_advisory, openssl_advisory21 (CVE-2016-2183): Vulnerability in IBM Java SDK affects AIX
CentOS: (CVE-2016-2179) CESA-2016:1940: openssl
FreeBSD: VID-43EAA656-80BC-11E6-BF52-B499BAEBFEAF (CVE-2016-2180): OpenSSL -- multiple vulnerabilities
Ubuntu: USN-3087-1 (CVE-2016-2179): OpenSSL vulnerabilities
Oracle Linux: (CVE-2016-2183) (Multiple Advisories): openssl security update
OpenSSL OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
Ubuntu: (Multiple Advisories) (CVE-2016-2183): NSS vulnerability
Juniper Junos OS: 2016-10 Security Bulletin: OpenSSL security updates (JSA10759) (multiple CVEs)
SUSE: CVE-2016-2181: SUSE Linux Security Advisory

Vulnerability & Exploit Database

Cisco NX-OS: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 (Multiple CVEs)

Description

Free Nexpose Download

References

Solution

Related Vulnerabilities

Legal

Resources & Help

Connect With Us

Stay in touch: