CVE-2016-2177 Detail Modified This vulnerability has been modified since it was last analyzed by the NVD. It is awaiting reanalysis which may result in further changes to the information provided. Current Description OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c.

View Analysis Description Analysis Description OpenSSL through 1.0.2h incorrectly uses pointer arithmetic for heap-buffer boundary checks, which might allow remote attackers to cause a denial of service (integer overflow and application crash) or possibly have unspecified other impact by leveraging unexpected malloc behavior, related to s3_srvr.c, ssl_sess.c, and t1_lib.c. Severity CVSS Version 3.x CVSS Version 2.0



CVSS 3.x Severity and Metrics:

NIST: NVD Base Score: 9.8 CRITICAL Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS 2.0 Severity and Metrics:



NIST: NVD Base Score: 7.5 HIGH Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P) Weakness Enumeration CWE-ID CWE Name Source CWE-190 Integer Overflow or Wraparound NIST Known Affected Software Configurations Switch to CPE 2.2 CPEs loading, please wait. Denotes Vulnerable Software

Are we missing a CPE here? Please let us know.

Change History 28 change records found show changes CPE Deprecation Remap 12/27/2019 11:9:04 AM Action Type Old Value New Value Changed CPE Configuration OR *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:*



OR *cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*



CPE Deprecation Remap 12/27/2019 11:8:55 AM Action Type Old Value New Value Changed CPE Configuration OR *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:*



OR *cpe:2.3:o:oracle:linux:6:*:*:*:*:*:*:*



CVE Modified by MITRE 7/11/2018 9:29:00 PM Action Type Old Value New Value Added Reference https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03856en_us [No Types Assigned]



CVE Modified by MITRE 5/29/2018 9:29:00 PM Action Type Old Value New Value Added Reference https://ics-cert.us-cert.gov/advisories/ICSA-18-144-01 [No Types Assigned]



Added Reference https://www.citect.schneider-electric.com/safety-and-security-central/36-security-notifications/9134-vulnerabilities-within-schneider-electric-floating-license-manager [No Types Assigned]



Added Reference https://www.schneider-electric.com/en/download/document/SEVD-2018-137-01/ [No Types Assigned]



Added Reference https://www.schneider-electric.com/en/download/document/SEVD-2018-144-01/ [No Types Assigned]



CVE Modified by MITRE 4/19/2018 9:29:15 PM Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html [No Types Assigned]



CVE Modified by MITRE 1/18/2018 1:18:04 PM Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html [No Types Assigned]



CVE Modified by MITRE 1/04/2018 9:30:37 PM Action Type Old Value New Value Added Reference http://rhn.redhat.com/errata/RHSA-2016-1940.html [No Types Assigned]



Added Reference http://rhn.redhat.com/errata/RHSA-2016-2957.html [No Types Assigned]



Added Reference http://rhn.redhat.com/errata/RHSA-2017-1659.html [No Types Assigned]



Added Reference https://access.redhat.com/errata/RHSA-2017:0193 [No Types Assigned]



Added Reference https://access.redhat.com/errata/RHSA-2017:0194 [No Types Assigned]



Added Reference https://access.redhat.com/errata/RHSA-2017:1658 [No Types Assigned]



CVE Modified by MITRE 11/20/2017 9:29:03 PM Action Type Old Value New Value Added Reference https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc [No Types Assigned]



CVE Modified by MITRE 11/02/2017 9:29:02 PM Action Type Old Value New Value Added Reference https://www.tenable.com/security/tns-2016-20 [No Types Assigned]



Added Reference https://www.tenable.com/security/tns-2016-21 [No Types Assigned]



CVE Modified by MITRE 10/19/2017 9:29:08 PM Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html [No Types Assigned]



CVE Modified by MITRE 8/08/2017 9:29:04 PM Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html [No Types Assigned]



CVE Modified by MITRE 8/04/2017 9:29:02 PM Action Type Old Value New Value Added Reference https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03763en_us [No Types Assigned]



Modified Analysis 2/23/2017 2:43:17 PM Action Type Old Value New Value Changed CPE Configuration OR *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:* (and previous)



Record truncated, showing 500 of 1590 characters.

View Entire Change Record

OR *cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:* *cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:* *cpe:2.3:a:opens Changed CPE Configuration OR *cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:* *cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*



OR *cpe:2.3:o:oracle:linux:5:*:*:*:*:*:*:* *cpe:2.3:o:oracle:linux:6.0:*:*:*:*:*:*:* *cpe:2.3:o:oracle:linux:7.0:*:*:*:*:*:*:* *cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:* *cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*



Changed CVSS V2 (AV:N/AC:M/Au:N/C:N/I:N/A:P)



(AV:N/AC:L/Au:N/C:P/I:P/A:P)



Changed CVSS V3 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H



AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H



Added CWE CWE-190



Removed CWE NVD-CWE-Other



Removed Evaluator Description <a href="http://cwe.mitre.org/data/definitions/190.html">CWE-190: Integer Overflow or Wraparound</a>



Added Reference https://www.openssl.org/news/vulnerabilities.html#y2017 [Vendor Advisory]



Changed Reference Type http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 No Types Assigned



http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 Third Party Advisory



Changed Reference Type http://www-01.ibm.com/support/docview.wss?uid=swg21995039 No Types Assigned



http://www-01.ibm.com/support/docview.wss?uid=swg21995039 Third Party Advisory



Changed Reference Type http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html No Types Assigned



http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html Third Party Advisory



Changed Reference Type http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html No Types Assigned



http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html Third Party Advisory



Changed Reference Type http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html No Types Assigned



http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html Third Party Advisory



Changed Reference Type http://www.securityfocus.com/bid/91319 No Types Assigned



http://www.securityfocus.com/bid/91319 Third Party Advisory, VDB Entry



Changed Reference Type http://www.securitytracker.com/id/1036088 No Types Assigned



http://www.securitytracker.com/id/1036088 Third Party Advisory, VDB Entry



Changed Reference Type http://www.splunk.com/view/SP-CAAAPSV No Types Assigned



http://www.splunk.com/view/SP-CAAAPSV Third Party Advisory



Changed Reference Type http://www.splunk.com/view/SP-CAAAPUE No Types Assigned



http://www.splunk.com/view/SP-CAAAPUE Third Party Advisory



Changed Reference Type https://bto.bluecoat.com/security-advisory/sa132 No Types Assigned



https://bto.bluecoat.com/security-advisory/sa132 Third Party Advisory



Changed Reference Type https://bugzilla.redhat.com/show_bug.cgi?id=1341705 Issue Tracking



https://bugzilla.redhat.com/show_bug.cgi?id=1341705 Issue Tracking, Patch



Changed Reference Type https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7 No Types Assigned



https://git.openssl.org/?p=openssl.git;a=commit;h=a004e72b95835136d3f1ea90517f706c24c03da7 Third Party Advisory, Issue Tracking, Patch



Changed Reference Type https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312 No Types Assigned



https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312 Third Party Advisory



Changed Reference Type https://kc.mcafee.com/corporate/index?page=content&id=SB10165 No Types Assigned



https://kc.mcafee.com/corporate/index?page=content&id=SB10165 Third Party Advisory



Changed Reference Type https://security.gentoo.org/glsa/201612-16 No Types Assigned



https://security.gentoo.org/glsa/201612-16 Third Party Advisory, VDB Entry, Patch



Changed Reference Type https://www.tenable.com/security/tns-2016-16 No Types Assigned



https://www.tenable.com/security/tns-2016-16 Third Party Advisory



CVE Modified by MITRE 2/01/2017 9:59:01 PM Action Type Old Value New Value Added Reference http://www-01.ibm.com/support/docview.wss?uid=swg21995039 [No Types Assigned]



Added Reference https://www.tenable.com/security/tns-2016-16 [No Types Assigned]



CVE Modified by MITRE 12/27/2016 9:59:29 PM Action Type Old Value New Value Added Reference http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 [No Types Assigned]



Added Reference https://bto.bluecoat.com/security-advisory/sa132 [No Types Assigned]



Added Reference https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312 [No Types Assigned]



Added Reference https://kc.mcafee.com/corporate/index?page=content&id=SB10165 [No Types Assigned]



Added Reference https://security.gentoo.org/glsa/201612-16 [No Types Assigned]



CVE Modified by MITRE 12/23/2016 9:59:39 PM Action Type Old Value New Value Added Reference http://www.splunk.com/view/SP-CAAAPSV [No Types Assigned]



Added Reference http://www.splunk.com/view/SP-CAAAPUE [No Types Assigned]



Removed Reference https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/ [Vendor Advisory]



CVE Modified by MITRE 11/29/2016 10:4:43 PM Action Type Old Value New Value Added Reference http://www.securitytracker.com/id/1036088 [No Types Assigned]



CVE Modified by MITRE 11/28/2016 3:3:33 PM Action Type Old Value New Value Added Reference http://www.securityfocus.com/bid/91319 [No Types Assigned]



CVE Modified by Source 10/26/2016 9:59:42 PM Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html



Added Reference http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html



CVE Modified by Source 10/25/2016 10:2:14 PM Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html



Modified Analysis 10/18/2016 1:43:41 PM Action Type Old Value New Value Changed CPE Configuration Configuration 1 OR *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:* (and previous)



Configuration 1 OR *cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:* *cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:* *cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:* *cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:* Configuration 2 OR *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:* (and previous) Configuration 3 OR *cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:* *cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*



Changed Reference Type http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html No Types Assigned



http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory



Changed Reference Type https://bugzilla.redhat.com/show_bug.cgi?id=1341705 No Types Assigned



https://bugzilla.redhat.com/show_bug.cgi?id=1341705 Issue Tracking



Changed Reference Type https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448 No Types Assigned



https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448 Third Party Advisory



Initial CVE Analysis 10/18/2016 10:45:33 AM Action Type Old Value New Value Changed CPE Configuration Configuration 1 OR *cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:* *cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:* Configuration 2 OR *cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:* *cpe:2.3:a:hp:icewall_sso_agent:10.0:*:*:*:option:*:*:* *cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:* *cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:* Configuration 3 OR *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:* (and previous)



Configuration 1 OR *cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:* *cpe:2.3:a:hp:icewall_sso_agent_option:10.0:*:*:*:*:*:*:* *cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:* *cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:* Configuration 2 OR *cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:* *cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:* Configuration 3 OR *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:* (and previous)



Initial CVE Analysis 10/18/2016 10:42:13 AM Action Type Old Value New Value Changed CPE Configuration Configuration 1 OR *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:* (and previous)



Configuration 1 OR *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:* (and previous) Configuration 2 OR *cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:* *cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:* Configuration 3 OR *cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:certd:*:*:* *cpe:2.3:a:hp:icewall_sso_agent:10.0:*:*:*:option:*:*:* *cpe:2.3:a:hp:icewall_mcrp:3.0:*:*:*:*:*:*:* *cpe:2.3:a:hp:icewall_sso:10.0:*:*:*:dfw:*:*:*



Changed Reference Type http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html No Types Assigned



http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory



Changed Reference Type https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448 No Types Assigned



https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448 Third Party Advisory



CVE Modified by Source 10/17/2016 11:47:37 PM Action Type Old Value New Value Added Reference https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448



CVE Modified by Source 10/03/2016 10:7:30 PM Action Type Old Value New Value Added Reference http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html



Modified Analysis 7/20/2016 11:24:25 AM Action Type Old Value New Value Added CVSS V2 (AV:N/AC:M/Au:N/C:N/I:N/A:P)



Removed CVSS V2 (AV:N/AC:L/Au:N/C:P/I:P/A:P)



Added CVSS V3 AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H



Removed CVSS V3 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H



Added Reference https://www.openssl.org/blog/blog/2016/06/27/undefined-pointer-arithmetic/



Modified Analysis 6/21/2016 5:51:04 PM Action Type Old Value New Value Added CPE Configuration Configuration 1 OR *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:* (and previous)



Added CVSS V2 (AV:N/AC:L/Au:N/C:P/I:P/A:P)



Added CVSS V3 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H



Added CWE NVD-CWE-Other



Added Evaluator Description <a href="http://cwe.mitre.org/data/definitions/190.html">CWE-190: Integer Overflow or Wraparound</a>



Initial CVE Analysis 6/21/2016 11:34:14 AM Action Type Old Value New Value Quick Info CVE Dictionary Entry:

CVE-2016-2177

NVD Published Date:

06/19/2016

NVD Last Modified:

12/27/2019

Source:

MITRE

