Twenty Year Anniversary
Showing 1 - 15 of 15 RSS Feed

CVE-2016-2842

Status Candidate

Overview

The doapr_outch function in crypto/bio/b_print.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not verify that a certain memory allocation succeeds, which allows remote attackers to cause a denial of service (out-of-bounds write or memory consumption) or possibly have unspecified other impact via a long string, as demonstrated by a large amount of ASN.1 data, a different vulnerability than CVE-2016-0799.

Related Files

HP Security Bulletin HPESBHF03741 1
Posted May 4, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPESBHF03741 1 - Potential security vulnerabilities with OpenSSL have been addressed for HPE Network products including Comware 7, IMC, and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or disclosure of sensitive information, or locally exploited resulting in unauthorized disclosure of information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-0702, CVE-2016-0703, CVE-2016-0704, CVE-2016-0705, CVE-2016-0797, CVE-2016-0798, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
MD5 | afae0f904968fb7611307ae6c0d9cbc9
HP Security Bulletin HPSBMU03685 1
Posted Jan 19, 2017
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03685 1 - Multiple potential security vulnerabilities have been identified in HPE Insight Control server provisioning (ICsp) software. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), arbitrary code execution, arbitrary command execution, unauthorized access to files or disclosure of sensitive information. Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, code execution
advisories | CVE-2014-0050, CVE-2014-4877, CVE-2015-6420, CVE-2015-7547, CVE-2016-0702, CVE-2016-0705, CVE-2016-0797, CVE-2016-0799, CVE-2016-2842
MD5 | 01f1e15068ba29b221d13806efe91b63
Red Hat Security Advisory 2016-2073-01
Posted Oct 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-2073-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.

tags | advisory, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2842
MD5 | cd7ac945ed5a0a668c9947cebcef2660
HP Security Bulletin HPSBMU03607 1
Posted Jun 2, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03607 1 - Multiple potential security vulnerabilities have been identified in HPE BladeSystem c-Class Virtual Connect (VC) firmware. These vulnerabilities include: The SSLv3 vulnerability known as "Padding Oracle on Downgraded Legacy Encryption" also known as "POODLE", which could be exploited remotely resulting in disclosure of information. The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Additional OpenSSL and OpenSSH vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS), disclosure of information, or Cross-site Request Forgery (CSRF). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, protocol, csrf
advisories | CVE-2008-5161, CVE-2014-3566, CVE-2015-0705, CVE-2015-1789, CVE-2015-1791, CVE-2015-3194, CVE-2015-5600, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
MD5 | 6c857b91c2ccec55f2970decf648feab
HP Security Bulletin HPSBMU03600 1
Posted May 25, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03600 1 - HPE Insight Control server provisioning has addressed security vulnerabilities in OpenSSL that could be exploited remotely resulting in Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-2842
MD5 | 88aaa7080f31da431044f8c771743758
HP Security Bulletin HPSBMU03601 1
Posted May 25, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03601 1 - HPE Insight Control server deployment has addressed the following security vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN" which could be exploited remotely resulting in disclosure of information Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) Multiple vulnerabilities that can be exploited locally resulting in Cross-site scripting (XSS), and Information Disclosure. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, protocol, xss, info disclosure
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
MD5 | 6904493bcef8837ba9fbdfa70126e03f
HP Security Bulletin HPSBGN03587 1
Posted May 18, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03587 1 - 3rd party code template: A security vulnerability in Open vSwitch could potentially impact HPE Helion OpenStack resulting in a remote denial of Service (DoS) or arbitrary command execution. HPE Helion OpenStack has also addressed several OpenSSL vulnerabilities including: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) or other impacts. Revision 1 of this advisory.

tags | advisory, remote, denial of service, arbitrary, vulnerability, protocol
advisories | CVE-2016-0703, CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
MD5 | 8c872139dbcbd2220ea5d95bcaf82632
HP Security Bulletin HPSBHF03594 1
Posted May 17, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03594 1 - Security vulnerabilities in OpenSSL have been addressed by HPE ConvergedSystem 500 & 900 and HPE AppSystems for SAP HANA. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-2842
MD5 | 4c3b39113f96edf7ec664c2b89bfbf55
HP Security Bulletin HPSBMU03590 1
Posted May 13, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03590 1 - Several potential security vulnerabilities have been identified in HPE Systems Insight Manager (SIM) on Windows and Linux. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS), execution of arbitrary code, disclosure of information, Cross-site Request Forgery (CSRF), and Cross-site scripting (XSS). Revision 1 of this advisory.

tags | advisory, denial of service, arbitrary, vulnerability, xss, csrf
systems | linux, windows
advisories | CVE-2015-3194, CVE-2015-3195, CVE-2015-6565, CVE-2016-0705, CVE-2016-0799, CVE-2016-2842
MD5 | 4937ab7a1db5deab950896cefe01e769
HP Security Bulletin HPSBHF03592 1
Posted May 12, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03592 1 - Several potential security vulnerabilities have been identified in the OpenFlow Virtual Appliance (OVA) version of the HPE VAN SDN Controller using OpenSSL which could be exploited remotely to allow Denial of Service (DoS), unauthorized disclosure of information, and unauthorized modification of information. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-2842
MD5 | 61c9994c227e99f6a23ca3f00654626c
Red Hat Security Advisory 2016-0996-01
Posted May 10, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0996-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.

tags | advisory, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2842
MD5 | 53cebf0cff9310fb1df58e16416150e3
Red Hat Security Advisory 2016-0722-01
Posted May 9, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-0722-01 - OpenSSL is a toolkit that implements the Secure Sockets Layer and Transport Layer Security protocols, as well as a full-strength general-purpose cryptography library. Security Fix: A flaw was found in the way OpenSSL encoded certain ASN.1 data structures. An attacker could use this flaw to create a specially crafted certificate which, when verified or re-encoded by OpenSSL, could cause it to crash, or execute arbitrary code using the permissions of the user running an application compiled against the OpenSSL library.

tags | advisory, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2016-0799, CVE-2016-2105, CVE-2016-2106, CVE-2016-2107, CVE-2016-2108, CVE-2016-2109, CVE-2016-2842
MD5 | bd6dcebb73d8d4732aa9bbb65c976218
HP Security Bulletin HPSBMU03575 1
Posted Apr 19, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBMU03575 1 - HP Smart Update Manager (SUM) has addressed the following vulnerabilities: The Cross-protocol Attack on TLS using SSLv2 also known as "DROWN", which could be exploited remotely resulting in disclosure of information. Multiple OpenSSL vulnerabilities which could be remotely exploited resulting in Denial of Service (DoS) or other impacts. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability, protocol
advisories | CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
MD5 | 6db74316d2c16e81c46fb268b9e4e9e5
HP Security Bulletin HPSBGN03569 2
Posted Apr 7, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03569 2 - Potential security vulnerabilities have been identified in the server running HP OneView for VMware vCenter (OV4VC) version 7.8.1 or earlier. The vulnerabilities may lead to remote disclosure of information. Revision 2 of this advisory.

tags | advisory, remote, vulnerability
advisories | CVE-2014-3566, CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
MD5 | 03e7b5159892da6b5f222f36aed886a4
HP Security Bulletin HPSBGN03569 1
Posted Apr 6, 2016
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03569 1 - Potential security vulnerabilities have been identified in the server running HP OneView for VMware vCenter (OV4VC) version 7.8.1 or earlier. The vulnerabilities may lead to remote disclosure of information. Revision 1 of this advisory.

tags | advisory, remote, vulnerability
advisories | CVE-2014-3566, CVE-2016-0705, CVE-2016-0799, CVE-2016-0800, CVE-2016-2842
MD5 | 46ea8e6d810cda1a9065e73786a246f9
Page 1 of 1
Back1Next

Want To Donate?


Bitcoin: 18PFeCVLwpmaBuQqd5xAYZ8bZdvbyEWMmU

File Archive:

July 2018

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jul 1st
    1 Files
  • 2
    Jul 2nd
    26 Files
  • 3
    Jul 3rd
    15 Files
  • 4
    Jul 4th
    11 Files
  • 5
    Jul 5th
    13 Files
  • 6
    Jul 6th
    4 Files
  • 7
    Jul 7th
    4 Files
  • 8
    Jul 8th
    1 Files
  • 9
    Jul 9th
    16 Files
  • 10
    Jul 10th
    15 Files
  • 11
    Jul 11th
    32 Files
  • 12
    Jul 12th
    22 Files
  • 13
    Jul 13th
    15 Files
  • 14
    Jul 14th
    1 Files
  • 15
    Jul 15th
    1 Files
  • 16
    Jul 16th
    21 Files
  • 17
    Jul 17th
    15 Files
  • 18
    Jul 18th
    15 Files
  • 19
    Jul 19th
    17 Files
  • 20
    Jul 20th
    11 Files
  • 21
    Jul 21st
    1 Files
  • 22
    Jul 22nd
    0 Files
  • 23
    Jul 23rd
    0 Files
  • 24
    Jul 24th
    0 Files
  • 25
    Jul 25th
    0 Files
  • 26
    Jul 26th
    0 Files
  • 27
    Jul 27th
    0 Files
  • 28
    Jul 28th
    0 Files
  • 29
    Jul 29th
    0 Files
  • 30
    Jul 30th
    0 Files
  • 31
    Jul 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2018 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close