| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 8.0 | $0-$5k | 0.00 |
Summary
A vulnerability classified as problematic was found in OpenSSL 1.0.1/1.0.2. This affects the function BN_hex2bn/BN_dec2bn(). The manipulation results in integer overflow.
This vulnerability is cataloged as CVE-2016-0797. The attack may be launched remotely. There is no exploit available.
Upgrading the affected component is advised.
Details
A vulnerability classified as critical has been found in OpenSSL 1.0.1/1.0.2 (Network Encryption Software). Affected is the function BN_hex2bn/BN_dec2bn(). The manipulation with an unknown input leads to a integer overflow vulnerability. CWE is classifying the issue as CWE-190. The product performs a calculation that can produce an integer overflow or wraparound, when the logic assumes that the resulting value will always be larger than the original value. This can introduce other weaknesses when the calculation is used for resource management or execution control. This is going to have an impact on confidentiality, integrity, and availability.
The weakness was shared 03/01/2016 by Guido Vranken as 20160301.txt as confirmed advisory (Website). The advisory is shared for download at openssl.org. This vulnerability is traded as CVE-2016-0797 since 12/16/2015. The exploitability is told to be difficult. It is possible to launch the attack remotely. The exploitation doesn't require any form of authentication. There are known technical details, but no exploit is available. The current price for an exploit might be approx. USD $0-$5k (estimation calculated on 07/08/2022).
The vulnerability scanner Nessus provides a plugin with the ID 89842 (Amazon Linux AMI : openssl (ALAS-2016-661) (DROWN) (SLOTH)), which helps to determine the existence of the flaw in a target environment. It is assigned to the family Amazon Linux Local Security Checks and running in the context l. The commercial vulnerability scanner Qualys is able to test this issue with plugin 168833 (OpenSuSE Security Update for libopenssl0_9_8 (openSUSE-SU-2016:1241-1)).
Upgrading eliminates this vulnerability. A possible mitigation has been published immediately after the disclosure of the vulnerability.
The vulnerability is also documented in the databases at X-Force (111142), Tenable (89842), SecurityFocus (BID 83763†) and Vulnerability Center (SBV-57004†). The entries VDB-81112, VDB-81133, VDB-81138 and VDB-81139 are related to this item. VulDB is the best source for vulnerability data and more expert information about this specific topic.
Product
Type
Name
Version
License
Support
- end of life (old version)
Website
- Product: https://www.openssl.org/
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 8.7VulDB Meta Temp Score: 8.0
VulDB Base Score: 9.8
VulDB Temp Score: 8.5
VulDB Vector: 🔍
VulDB Reliability: 🔍
NVD Base Score: 7.5
NVD Vector: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Integer overflowCWE: CWE-190 / CWE-189
CAPEC: 🔍
ATT&CK: 🔍
Physical: No
Local: No
Remote: Yes
Availability: 🔍
Status: Unproven
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Nessus ID: 89842
Nessus Name: Amazon Linux AMI : openssl (ALAS-2016-661) (DROWN) (SLOTH)
Nessus File: 🔍
Nessus Risk: 🔍
Nessus Family: 🔍
Nessus Context: 🔍
OpenVAS ID: 12024
OpenVAS Name: Mageia Linux Local Check: mgasa-2016-0093
OpenVAS File: 🔍
OpenVAS Family: 🔍
Qualys ID: 🔍
Qualys Name: 🔍
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
Reaction Time: 🔍
0-Day Time: 🔍
Exposure Time: 🔍
Patch: c175308407858afff3fc8c2e5e085d94d12edc7d
Timeline
12/16/2015 🔍02/29/2016 🔍
03/01/2016 🔍
03/01/2016 🔍
03/01/2016 🔍
03/03/2016 🔍
03/03/2016 🔍
03/05/2016 🔍
03/10/2016 🔍
07/08/2022 🔍
Sources
Product: openssl.orgAdvisory: 20160301.txt
Researcher: Guido Vranken
Status: Confirmed
Confirmation: 🔍
CVE: CVE-2016-0797 (🔍)
GCVE (CVE): GCVE-0-2016-0797
GCVE (VulDB): GCVE-100-81144
OVAL: 🔍
X-Force: 111142 - OpenSSL BN_hex2bn/BN_dec2bn() denial of service
SecurityFocus: 83763 - OpenSSL CVE-2016-0797 Multiple Integer Overflow Vulnerabilities
SecurityTracker: 1035133
Vulnerability Center: 57004 - OpenSSL Remote Heap Corruption due to Insufficient Memory Allocation - CVE-2016-0797, High
See also: 🔍
Entry
Created: 03/03/2016 10:45Updated: 07/08/2022 20:06
Changes: 03/03/2016 10:45 (69), 09/01/2018 08:39 (19), 07/08/2022 20:06 (7)
Complete: 🔍
Cache ID: 216::103
VulDB is the best source for vulnerability data and more expert information about this specific topic.
No comments yet. Languages: en.
Please log in to comment.