exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 42 RSS Feed

CVE-2016-2183

Status Candidate

Overview

The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.

Related Files

Red Hat Security Advisory 2021-2438-01
Posted Jul 28, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-2438-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include bypass, code execution, denial of service, open redirection, resource exhaustion, and remote shell upload vulnerabilities.

tags | advisory, remote, denial of service, shell, vulnerability, code execution
systems | linux, redhat
advisories | CVE-2016-2183, CVE-2020-15106, CVE-2020-15112, CVE-2020-15113, CVE-2020-15114, CVE-2020-15136, CVE-2020-26160, CVE-2020-26541, CVE-2020-28469, CVE-2020-28500, CVE-2020-28852, CVE-2020-7774, CVE-2021-20206, CVE-2021-20271, CVE-2021-20291, CVE-2021-21419, CVE-2021-21623, CVE-2021-21639, CVE-2021-21640, CVE-2021-21648, CVE-2021-22133, CVE-2021-23337, CVE-2021-23362, CVE-2021-23368, CVE-2021-23382, CVE-2021-25735
SHA-256 | 44f1588b77c38919a903c4dffe0b5b58cf96f91a447694471f228851a5f89f6d
Red Hat Security Advisory 2021-0308-01
Posted Feb 8, 2021
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2021-0308-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.6.16. Issues addressed include memory leak and privilege escalation vulnerabilities.

tags | advisory, vulnerability, memory leak
systems | linux, redhat
advisories | CVE-2015-8011, CVE-2016-2183, CVE-2020-14382, CVE-2021-20198, CVE-2021-3344
SHA-256 | dca033969dbad57e5b0b2d3a6a1dad57f3f1a39cd52810fbcbaa5225da1fd411
Red Hat Security Advisory 2020-3842-01
Posted Oct 1, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-3842-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-2183
SHA-256 | 56a30f99d0a7116668054648ca24d0b115dc937c74d74c4219d5d7d58fb5e3be
Red Hat Security Advisory 2020-0451-01
Posted Feb 20, 2020
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2020-0451-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. A TLS/SSL Birthday attack vulnerability from 2016 was addressed.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-2183, CVE-2019-13734
SHA-256 | 291865ffa3d8906d6d382894ce0bccbded17d9c8121ae91b54e3bd1b6d94ac4e
Red Hat Security Advisory 2019-2859-01
Posted Sep 28, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-2859-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-2183
SHA-256 | 40451a3e91f8c375ed9756916a89ddfa51c0db004cc015909e67489a6c9aad88
Red Hat Security Advisory 2019-1245-01
Posted May 20, 2019
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2019-1245-01 - An update is now available for Red Hat Quay 3. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory
systems | linux, redhat
advisories | CVE-2016-2183
SHA-256 | 6a3ad047041bafc7aec7a00f709ef5bb136a7c52c4e176c7c02217045a47b31a
Micro Focus Security Bulletin MFSBGN03831
Posted Nov 13, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03831 - A potential vulnerability has been identified in Micro Focus Service Management Automation. The vulnerability could be exploited to remote disclosure of information. Revision 1 of this advisory.

tags | advisory, remote
advisories | CVE-2016-2183
SHA-256 | 4e5c1669c7d98b3695c06dd31de33d789391c943aeeaaa94fcea01960f28bb0c
Red Hat Security Advisory 2018-2123-01
Posted Jul 3, 2018
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2018-2123-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Issues addressed include a man-in-the-middle vulnerability.

tags | advisory, python
systems | linux, redhat
advisories | CVE-2016-2183
SHA-256 | 7ad86fc17a31d32e3179b469bb0ec5013bd778f541951c2833227c01ebf828cc
Micro Focus Security Bulletin MFSBGN03805 1
Posted May 10, 2018
Authored by Micro Focus | Site microfocus.com

Micro Focus Security Bulletin MFSBGN03805 1 - A potential security vulnerability has been identified in Service Manager. This vulnerability may allow an exploit against a long-duration encrypted session known as the Sweet32 attack, and which may be exploited remotely. Revision 1 of this advisory.

tags | advisory
advisories | CVE-2016-2183, CVE-2016-6329
SHA-256 | 41ec0d7db7666fd59ab21f30c1de4c0a04bd291007704f5d42e7fca89ca44d2d
Red Hat Security Advisory 2017-3240-01
Posted Nov 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3240-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release provides an update to httpd and OpenSSL. The updates are documented in the Release Notes document linked to in the References. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

tags | advisory, java, web, protocol
systems | linux, redhat
advisories | CVE-2016-2183, CVE-2017-9788, CVE-2017-9798
SHA-256 | 9ece2803c2591e72b00995bee6a9207f1fc1a788275558bc426859472b8646ba
Red Hat Security Advisory 2017-3239-01
Posted Nov 17, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3239-01 - Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. This release provides an update to httpd and OpenSSL. The updates are documented in the Release Notes document linked to in the References. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library.

tags | advisory, java, web, protocol
systems | linux, redhat
advisories | CVE-2016-2183, CVE-2017-9788, CVE-2017-9798
SHA-256 | 8c237943c4ac9a76f526c8ffc99d75cff7c3ccc83117866ca934cb993d17f871
Red Hat Security Advisory 2017-3113-01
Posted Nov 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3113-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. This release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2.1.2. The updates are documented in the Release Notes document linked to in the References.

tags | advisory, java, web, protocol
systems | linux, redhat
advisories | CVE-2016-2183, CVE-2017-12615, CVE-2017-12617, CVE-2017-9788, CVE-2017-9798
SHA-256 | e80b0fcbb38aa711afd94164c46a4d66836309940cad5bd3b018175cafbed643
Red Hat Security Advisory 2017-3114-01
Posted Nov 2, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-3114-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages technologies. This release provides an update to httpd, OpenSSL and Tomcat 6/7 for Red Hat JBoss Web Server 2. The updates are documented in the Release Notes document linked to in the References.

tags | advisory, java, web, protocol
systems | linux, redhat
advisories | CVE-2016-2183, CVE-2017-12615, CVE-2017-12617, CVE-2017-9788, CVE-2017-9798
SHA-256 | 8f2eec1450923a924fac99bd469b6cfb955af68e4eb0c7360e7582feb701dd46
Red Hat Security Advisory 2017-2709-01
Posted Sep 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2709-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2015-3185, CVE-2016-2183, CVE-2017-9788
SHA-256 | 2ac64c19d1282e8e4757edfb228e6d060ab5b7c725aa50c650b9389e6a8d12de
Red Hat Security Advisory 2017-2710-01
Posted Sep 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2710-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2015-3185, CVE-2016-2183, CVE-2017-9788
SHA-256 | f2fe37f0306236a787af5128425d4e437d5540a95b02a9f907fb8336199a0a34
Red Hat Security Advisory 2017-2708-01
Posted Sep 14, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-2708-01 - Red Hat JBoss Core Services is a set of supplementary software for Red Hat JBoss middleware products. This software, such as Apache HTTP Server, is common to multiple JBoss middleware products, and is packaged under Red Hat JBoss Core Services to allow for faster distribution of updates, and for a more consistent update experience. This release of Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 2 serves as an update for Red Hat JBoss Core Services Apache HTTP Server 2.4.23 Service Pack 1, and includes bug fixes, which are documented in the Release Notes document linked to in the References.

tags | advisory, web
systems | linux, redhat
advisories | CVE-2015-3185, CVE-2016-2183, CVE-2017-9788
SHA-256 | 66e84ee5fd498fe4ddec7d8e290d18e7f6622bf5cca3405b49e82ae2ead7feae
HPE Security Bulletin HPESBGN03765 2
Posted Aug 31, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBGN03765 2 - A security vulnerability in the DES/3DES block ciphers used in the TLS protocol could potentially impact HPE LoadRunner and HPE Performance Center resulting in remote disclosure of information. This is also known as the SWEET32 attack. Revision 2 of this advisory.

tags | advisory, remote, protocol
advisories | CVE-2016-2183
SHA-256 | 948d29ad7d087b66e32a4c02373d48f779582beea0bda6a1bd420ce52660e466
Ubuntu Security Notice USN-3372-1
Posted Jul 31, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3372-1 - It was discovered that NSS incorrectly handled certain empty SSLv2 messages. A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2016-2183, CVE-2017-7502
SHA-256 | e388acc86dcf59e73c62e313ac038fabb06265810beaf16fd3db321a90afdfb4
Gentoo Linux Security Advisory 201707-01
Posted Jul 5, 2017
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201707-1 - Multiple vulnerabilities have been found in IcedTea, the worst of which may allow execution of arbitrary code. Versions less than 3.4.0 are affected.

tags | advisory, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3260, CVE-2017-3261, CVE-2017-3272, CVE-2017-3289, CVE-2017-3509, CVE-2017-3511, CVE-2017-3512, CVE-2017-3514, CVE-2017-3526, CVE-2017-3533, CVE-2017-3539, CVE-2017-3544
SHA-256 | 0623e4d3abca09377537db725ce4ff922ab591a92df4341620aa94a4e2072b3c
IBM Informix Dynamic Server DLL Injection / Code Execution
Posted May 31, 2017
Site securiteam.com

IBM Informix Dynamic Server suffers from dll injection, PHP code injection, and heap buffer overflow vulnerabilities.

tags | exploit, overflow, php, vulnerability
advisories | CVE-2016-2183, CVE-2017-1092
SHA-256 | ac5d0ef0f10cad9d7b9a1524abc605c6815ee7dc5254833cf12c5cdbb411f95b
Red Hat Security Advisory 2017-1216-01
Posted May 10, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-1216-01 - IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR4-FP1. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-0264, CVE-2016-0363, CVE-2016-0376, CVE-2016-0686, CVE-2016-0687, CVE-2016-2183, CVE-2016-3422, CVE-2016-3426, CVE-2016-3427, CVE-2016-3443, CVE-2016-3449, CVE-2016-3511, CVE-2016-3598, CVE-2016-5542, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2016-5554, CVE-2016-5556, CVE-2016-5573, CVE-2016-5597, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259
SHA-256 | 84dd0e9308948c7a415adab659e14d620e0b251a8ae7e925fb16b9d7d3d57359
Ubuntu Security Notice USN-3270-1
Posted Apr 27, 2017
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3270-1 - Karthik Bhargavan and Gaetan Leurent discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. A remote attacker could possibly use this flaw to obtain clear text data from long encrypted sessions. This update causes NSS to limit use of the same symmetric key. It was discovered that NSS incorrectly handled Base64 decoding. A remote attacker could use this flaw to cause NSS to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary
systems | linux, ubuntu
advisories | CVE-2016-2183, CVE-2017-5461
SHA-256 | 44be071f187a0942450fff54f9c82abbf62b4771273b8f124a15a42e6b7d3d03
HPE Security Bulletin HPESBUX03725 1
Posted Mar 30, 2017
Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBUX03725 1 - Potential security vulnerabilities have been identified with HP-UX Web Server Suite running Apache on HP-UX 11iv3. These vulnerabilities could be exploited remotely to create a Denial of Service (DoS), Unauthorized Read Access to Data and other impacts including: * Padding Oracle attack in Apache mod_session_crypto * Apache HTTP Request Parsing Whitespace Defects. Revision 1 of this advisory.

tags | advisory, web, denial of service, vulnerability
systems | hpux
advisories | CVE-2016-0736, CVE-2016-2161, CVE-2016-2183, CVE-2016-8740, CVE-2016-8743
SHA-256 | 5df1b537a3a2899886f0263d940c4193b758bfc583dd96021c5e940a90f029a8
Red Hat Security Advisory 2017-0462-01
Posted Mar 9, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0462-01 - IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR4-FP1. Security Fix: This update fixes a vulnerability in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java
systems | linux, redhat
advisories | CVE-2016-2183
SHA-256 | a9ede31c21d3d69ec42ea4b1dfcf623badf9ec565e1a5678bbc35646c568d82a
Red Hat Security Advisory 2017-0337-01
Posted Feb 28, 2017
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0337-01 - IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7 SR10-FP1. Security Fix: This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit.

tags | advisory, java, vulnerability
systems | linux, redhat
advisories | CVE-2016-2183, CVE-2016-5546, CVE-2016-5547, CVE-2016-5548, CVE-2016-5549, CVE-2016-5552, CVE-2017-3231, CVE-2017-3241, CVE-2017-3252, CVE-2017-3253, CVE-2017-3259, CVE-2017-3261, CVE-2017-3272, CVE-2017-3289
SHA-256 | 80816e5e06d1db1e4705f1cf3b21b2fa3078e663cae98366b11473550ceaafb6
Page 1 of 2
Back12Next

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    0 Files
  • 20
    Mar 20th
    0 Files
  • 21
    Mar 21st
    0 Files
  • 22
    Mar 22nd
    0 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    0 Files
  • 26
    Mar 26th
    0 Files
  • 27
    Mar 27th
    0 Files
  • 28
    Mar 28th
    0 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close