CVE-2016-0701
Published: 28 January 2016
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.
Priority
Medium
CVSS 3 base score: 3.7
Status
| Package | Release | Status |
|---|---|---|
|
openssl Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
|
| trusty |
Not vulnerable
|
|
| upstream |
Released
(1.0.2f)
|
|
| vivid |
Not vulnerable
(1.0.1f-1ubuntu11.5)
|
|
| wily |
Released
(1.0.2d-0ubuntu1.3)
|
|
|
openssl098 Launchpad, Ubuntu, Debian |
precise |
Not vulnerable
|
| trusty |
Does not exist
(trusty was not-affected)
|
|
| upstream |
Not vulnerable
|
|
| vivid |
Not vulnerable
|
|
| wily |
Does not exist
|
Notes
| Author | Note |
|---|---|
| mdeslaur | 1.0.2 only |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0701
- https://www.openssl.org/news/secadv/20160128.txt
- https://ubuntu.com/security/notices/USN-2883-1
- NVD
- Launchpad
- Debian