CVE-2016-0704 — Sensitive Information Exposure in Openssl

CWE-200 — Sensitive Information Exposure CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-310 CWE-39917 documents13 sources

Severity

5.9MEDIUMNVD

EPSS

6.0%

top 9.30%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openssl Debian Openssl Paloalto Pan-os

Timeline

PublishedMar 2

Latest updateDec 29

Description

An oracle protection mechanism in the get_client_master_key function in s2_srvr.c in the SSLv2 implementation in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and 1.0.2 before 1.0.2a overwrites incorrect MASTER-KEY bytes during use of export cipher suites, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, a related issue to CVE-2016-0800.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages4 packages

▶debiandebian/openssl< openssl 1.0.0c-2 (bookworm)

▶Debianopenssl/openssl< 1.0.0c-2+3

▶NVDopenssl/openssl0.9.8ze+32

▶Palo Altopaloalto/pan-os

🔴Vulnerability Details

GHSA

GHSA-m84j-fv95-cmq3: An oracle protection mechanism in the get_client_master_key function in s2_srvr↗2022-05-14

▶

OSV

CVE-2016-0704: An oracle protection mechanism in the get_client_master_key function in s2_srvr↗2016-03-02

▶

📋Vendor Advisories

CISA ICS

Siemens SCALANCE X-200RNA Switch Devices↗2022-12-19

▶

Palo Alto

PAN-SA-2016-0030 OpenSSL Vulnerabilities↗2016-10-18

▶

BSD

FreeBSD-SA-16:12.openssl: Multiple OpenSSL vulnerabilities↗2016-03-10

▶

Cisco

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016↗2016-03-02

▶

Red Hat

openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers↗2016-03-01

▶

🕵️Threat Intelligence

Tenable

[R3] LCE 5.0.0 Fixes Multiple Third-party Library Vulnerabilities↗2017-01-31

▶

Tenable

[R12] OpenSSL '20160301' Advisory Affects Tenable Products↗2016-03-02

▶

📄Research Papers

arXiv

One Bad Apple Spoils the Barrel: Understanding the Security Risks Introduced by Third-Party Components in IoT Firmware↗2022-12-29

▶

💬Community

HackerOne

Bleichenbacher oracle in SSLv2 (CVE-2016-0704)↗2016-06-01

▶

Bugzilla

CVE-2016-0704 openssl: SSLv2 Bleichenbacher protection overwrites wrong bytes for export ciphers↗2016-02-22

▶

Bugzilla

CVE-2016-0800 SSL/TLS: Cross-protocol attack on TLS using SSLv2 (DROWN)↗2016-02-22

▶

Bugzilla

CVE-2016-0703 openssl: Divide-and-conquer session key recovery in SSLv2↗2016-02-22

▶