vulnerability

Oracle Solaris 11: CVE-2016-6302: Vulnerability in MySQL, OpenSSL

Try Surface Command
Back to search
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
2016-09-16
Added
2017-05-29
Modified
2022-02-01

Description

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.

Solution(s)

oracle-solaris-11-3-upgrade-database-mysql-55-5-5-54-0-175-3-19-0-2-0oracle-solaris-11-3-upgrade-database-mysql-55-client-5-5-54-0-175-3-19-0-2-0oracle-solaris-11-3-upgrade-database-mysql-55-library-5-5-54-0-175-3-19-0-2-0oracle-solaris-11-3-upgrade-database-mysql-55-tests-5-5-54-0-175-3-19-0-2-0oracle-solaris-11-3-upgrade-database-mysql-56-5-6-35-0-175-3-19-0-2-0oracle-solaris-11-3-upgrade-database-mysql-56-client-5-6-35-0-175-3-19-0-2-0oracle-solaris-11-3-upgrade-database-mysql-56-library-5-6-35-0-175-3-19-0-2-0oracle-solaris-11-3-upgrade-database-mysql-56-tests-5-6-35-0-175-3-19-0-2-0oracle-solaris-11-3-upgrade-database-mysql-57-5-7-23-0-175-3-35-0-5-0oracle-solaris-11-3-upgrade-database-mysql-57-client-5-7-23-0-175-3-35-0-5-0oracle-solaris-11-3-upgrade-database-mysql-57-embedded-5-7-23-0-175-3-35-0-5-0oracle-solaris-11-3-upgrade-database-mysql-57-library-5-7-23-0-175-3-35-0-5-0oracle-solaris-11-3-upgrade-database-mysql-57-tests-5-7-23-0-175-3-35-0-5-0oracle-solaris-11-3-upgrade-library-security-openssl-1-0-1-21-0-175-3-13-0-4-0oracle-solaris-11-3-upgrade-library-security-openssl-openssl-fips-140-2-0-6-0-175-3-13-0-4-0oracle-solaris-11-3-upgrade-runtime-perl-512-5-12-5-0-175-3-19-0-2-0oracle-solaris-11-3-upgrade-runtime-perl-threaded-512-5-12-5-0-175-3-19-0-2-0

References

Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today