Cisco NX-OS: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 (Multiple CVEs)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | September 26, 2016 | January 05, 2017 | July 18, 2018 |
Description
Multiple memory leaks in t1_lib.c in OpenSSL before 1.0.1u, 1.0.2 before 1.0.2i, and 1.1.0 before 1.1.0a allow remote attackers to cause a denial of service (memory consumption) via large OCSP Status Request extensions.
Scan For This Vulnerability
Use our top-rated tool to discover, prioritize, and remediate your vulnerabilities
References
- BID-91319
- BID-92117
- BID-92630
- BID-92982
- BID-92987
- BID-93150
- BID-93153
- BID-95568
- CVE-2016-2177
- CVE-2016-2179
- CVE-2016-2180
- CVE-2016-2181
- CVE-2016-2183
- CVE-2016-6304
- CVE-2016-6306
- DISA_SEVERITY-Category I
- DISA_SEVERITY-Category II
- IAVM-2017-A-0020
- IAVM-2017-A-0021
- IAVM-2017-A-0036
- IAVM-2017-A-0047
- REDHAT-RHSA-2016:1940
- REDHAT-RHSA-2016:2802
- REDHAT-RHSA-2016:2957
- REDHAT-RHSA-2017:0193
- REDHAT-RHSA-2017:0194
- REDHAT-RHSA-2017:0336
- REDHAT-RHSA-2017:0337
- REDHAT-RHSA-2017:0338
- REDHAT-RHSA-2017:0462
- REDHAT-RHSA-2017:1216
- REDHAT-RHSA-2017:1413
- REDHAT-RHSA-2017:1414
- REDHAT-RHSA-2017:1415
- REDHAT-RHSA-2017:1658
- REDHAT-RHSA-2017:1659
- REDHAT-RHSA-2017:1801
- REDHAT-RHSA-2017:1802
- REDHAT-RHSA-2017:2493
- REDHAT-RHSA-2017:2494
- REDHAT-RHSA-2017:2708
- REDHAT-RHSA-2017:2709
- REDHAT-RHSA-2017:2710
- REDHAT-RHSA-2017:3113
- REDHAT-RHSA-2017:3114
- REDHAT-RHSA-2017:3239
- REDHAT-RHSA-2017:3240
- REDHAT-RHSA-2018:2123
- REDHAT-RHSA-2018:2185
- REDHAT-RHSA-2018:2186
- REDHAT-RHSA-2018:2187
- URL: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160927-openssl
Solution
update-nxosRelated Vulnerabilities
- Cisco ASA: CVE-2016-2180: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl)
- Gentoo Linux: CVE-2016-2177: OpenSSL: Multiple vulnerabilities
- SUSE: CVE-2016-2183: SUSE Linux Security Advisory
- Oracle Linux: (CVE-2016-2181) ELSA-2016-1940: openssl security update
- CentOS: (CVE-2016-2183) CESA-2018:2123: python
- IBM AIX: openssl_advisory21 (CVE-2016-6306): Vulnerabilities in OpenSSL affects AIX
- SUSE: CVE-2016-6306: SUSE Linux Security Advisory
- Huawei EulerOS: CVE-2016-2183: python security update
- Oracle Solaris 11: CVE-2016-2180: Vulnerability in MySQL, OpenSSL
- CentOS: (CVE-2016-2180) CESA-2016:1940: openssl
- Java CPU January 2017 Java SE, Java SE Embedded Libraries vulnerability (CVE-2016-2183)
- Amazon Linux AMI: CVE-2016-6304: Security patch for openssl (ALAS-2016-749)
- OpenSSL DTLS buffered message DoS (CVE-2016-2179)
- Ubuntu: (Multiple Advisories) (CVE-2016-2177): OpenSSL vulnerabilities
- Debian: CVE-2016-2179: openssl -- security update
- Amazon Linux AMI: CVE-2016-6306: Security patch for openssl (ALAS-2016-755)
- Huawei EulerOS: CVE-2016-2181: openssl security update
- Cisco ASA: CVE-2016-2183: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl)
- IBM Java: Oracle January 17 2017 CPU (CVE-2016-2183)
- Cisco ASA: CVE-2016-6304: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl)
- Gentoo Linux: CVE-2016-6306: OpenSSL: Multiple vulnerabilities
- IBM HTTP Server: CVE-2016-2183: Sweet32:Birthday attack in TLS
- Red Hat: CVE-2016-2180: Important: openssl security update (RHSA-2016:1940)
- Alpine Linux: CVE-2016-6306: openssl Security issues
- FreeBSD: VID-43EAA656-80BC-11E6-BF52-B499BAEBFEAF (CVE-2016-6306): OpenSSL -- multiple vulnerabilities
- CentOS: (CVE-2016-2177) CESA-2016:1940: openssl
- F5 Networks: K90492697 (CVE-2016-6306): OpenSSL vulnerability CVE-2016-6306
- Oracle Linux: (CVE-2016-2179) ELSA-2016-1940: openssl security update
- TLS/SSL Birthday attacks on 64-bit block ciphers (SWEET32)
- F5 Networks: K13167034 (CVE-2016-2183): OpenSSL vulnerability CVE-2016-2183
- Huawei EulerOS: CVE-2016-2179: openssl security update
- Oracle Solaris 11: CVE-2016-6304: Vulnerability in MySQL, OpenSSL
- Debian: CVE-2016-2180: openssl -- security update
- Ubuntu: (Multiple Advisories) (CVE-2016-6306): OpenSSL regression
- HP-UX: CVE-2016-2183: HPE HP-UX Web Server Suite running Apache, Multiple Vulnerabilities
- OpenSSL OOB read in TS_OBJ_print_bio() (CVE-2016-2180)
- Debian: CVE-2016-2183: openssl -- security update
- Oracle Solaris 11: CVE-2016-2177: Vulnerability in MySQL, OpenSSL
- Red Hat: CVE-2016-6304: Important: openssl security update ((Multiple Advisories))
- IBM AIX: openssl_advisory21 (CVE-2016-2179): Vulnerabilities in OpenSSL affects AIX
- Cisco ASA: CVE-2016-2181: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products September 2016 (cisco-sa-20160927-openssl)
- Debian: CVE-2016-6306: openssl -- security update
- IBM AIX: openssl_advisory21 (CVE-2016-6304): Vulnerabilities in OpenSSL affects AIX
- FreeBSD: VID-43EAA656-80BC-11E6-BF52-B499BAEBFEAF (CVE-2016-2181): OpenSSL -- multiple vulnerabilities
- Oracle Linux: (CVE-2016-2180) ELSA-2016-1940: openssl security update
- OS X update for LibreSSL (CVE-2016-6304)
- Huawei EulerOS: CVE-2016-6306: openssl security update
- Amazon Linux AMI: CVE-2016-2179: Security patch for openssl (ALAS-2016-755)
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 5
- Alpine Linux: CVE-2016-2181: openssl Multiple issues
- Gentoo Linux: CVE-2016-2183: Oracle JRE/JDK: Multiple vulnerabilities
- CentOS: (CVE-2016-6304) CESA-2016:1940: openssl
- Amazon Linux AMI: CVE-2016-2181: Security patch for openssl (ALAS-2016-755)
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 7
- Gentoo Linux: CVE-2016-2180: OpenSSL: Multiple vulnerabilities
- IBM WebSphere Application Server: CVE-2016-2183: IBM Multiple vulnerabilities in IBM® Java SDK affects WebSphere Application Server January 2017 CPU
- F5 Networks: K23873366 (CVE-2016-2177): OpenSSL vulnerability CVE-2016-2177
- Huawei EulerOS: CVE-2016-2180: openssl security update
- Debian: CVE-2016-2181: openssl -- security update
- Red Hat: CVE-2016-6306: Important: openssl security update (RHSA-2016:1940)
- FreeBSD: (Multiple Advisories) (CVE-2016-2177): OpenSSL -- multiple vulnerabilities
- Oracle Solaris 11: CVE-2016-2183: Vulnerability in MySQL, OpenSSL
- SUSE: CVE-2016-2180: SUSE Linux Security Advisory
- IBM AIX: openssl_advisory21 (CVE-2016-2181): Vulnerabilities in OpenSSL affects AIX
- OpenSSL Certificate message OOB reads (CVE-2016-6306)
- Red Hat: CVE-2016-2183: Critical: java-1.7.1-ibm security update (Multiple Advisories)
- OpenSSL Pointer arithmetic undefined behaviour (CVE-2016-2177)
- FreeBSD: openssl -- denial of service (CVE-2016-2177)
- SUSE: CVE-2016-2179: SUSE Linux Security Advisory
- SUSE: CVE-2016-2177: SUSE Linux Security Advisory
- Ubuntu: (Multiple Advisories) (CVE-2016-2179): OpenSSL regression
- Cisco SAN-OS: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 (Multiple CVEs)
- Gentoo Linux: CVE-2016-6304: OpenSSL: Multiple vulnerabilities
- Amazon Linux AMI: CVE-2016-2177: Security patch for openssl (ALAS-2016-755)
- F5 Networks: K54211024 (CVE-2016-6304): OpenSSL vulnerability CVE-2016-6304
- Red Hat: CVE-2016-2181: Important: openssl security update (RHSA-2016:1940)
- Oracle Linux: (CVE-2016-6304) ELSA-2016-1940: openssl security update
- Vulnerabilities deemed not relevant on Red Hat Enterprise Linux 4
- F5 Networks: K23512141 (CVE-2016-2179): OpenSSL vulnerability CVE-2016-2179
- Red Hat: CVE-2016-2177: Important: openssl security update (RHSA-2016:1940)
- FreeBSD: VID-43EAA656-80BC-11E6-BF52-B499BAEBFEAF (CVE-2016-2179): OpenSSL -- multiple vulnerabilities
- OS X update for OpenSSL (CVE-2016-6304)
- OpenSSL DTLS replay protection DoS (CVE-2016-2181)
- F5 Networks: K59298921 (CVE-2016-2181): OpenSSL vulnerability CVE-2016-2181
- Alpine Linux: CVE-2016-6304: openssl Security issues
- Oracle Solaris 11: CVE-2016-6306: Vulnerability in MySQL, OpenSSL
- Alpine Linux: CVE-2016-2177: openssl Security issues
- Huawei EulerOS: CVE-2016-2177: openssl security update
- F5 Networks: K02652550 (CVE-2016-2180): OpenSSL vulnerability CVE-2016-2180
- Oracle Linux: (CVE-2016-6306) (Multiple Advisories): openssl security update
- SUSE: CVE-2016-6304: SUSE Linux Security Advisory
- HP iLO: CVE-2016-2183: Remote Disclosure of Information aka Sweet32 attack
- IBM AIX: java_jan2017_advisory, openssl_advisory21 (CVE-2016-2183): Vulnerability in IBM Java SDK affects AIX
- CentOS: (CVE-2016-2179) CESA-2016:1940: openssl
- FreeBSD: VID-43EAA656-80BC-11E6-BF52-B499BAEBFEAF (CVE-2016-2180): OpenSSL -- multiple vulnerabilities
- Oracle Linux: (CVE-2016-2183) (Multiple Advisories): openssl security update
- OpenSSL OCSP Status Request extension unbounded memory growth (CVE-2016-6304)
- Ubuntu: (Multiple Advisories) (CVE-2016-2183): NSS vulnerability
- Juniper Junos OS: 2016-10 Security Bulletin: OpenSSL security updates (JSA10759) (multiple CVEs)
- SUSE: CVE-2016-2181: SUSE Linux Security Advisory