vulnerability
SUSE: CVE-2016-0701: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 3 | (AV:N/AC:H/Au:N/C:P/I:N/A:N) | 2016-02-14 | 2016-03-03 | 2022-02-04 |
Severity
3
CVSS
(AV:N/AC:H/Au:N/C:P/I:N/A:N)
Published
2016-02-14
Added
2016-03-03
Modified
2022-02-04
Description
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.
Solution(s)
suse-upgrade-libopenssl-1_0_0-develsuse-upgrade-libopenssl-1_1-develsuse-upgrade-libopenssl-1_1-devel-32bitsuse-upgrade-libopenssl-develsuse-upgrade-libopenssl10suse-upgrade-libopenssl1_0_0suse-upgrade-libopenssl1_1suse-upgrade-libopenssl1_1-32bitsuse-upgrade-libopenssl1_1-hmacsuse-upgrade-libopenssl1_1-hmac-32bitsuse-upgrade-opensslsuse-upgrade-openssl-1_0_0suse-upgrade-openssl-1_1
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.