CVE-2016-0701
Published: 28 January 2016
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose an inappropriate number, as demonstrated by a number in an X9.42 file.
Notes
Author | Note |
---|---|
mdeslaur | 1.0.2 only |
Priority
CVSS 3 base score: 3.7
Status
Package | Release | Status |
---|---|---|
openssl Launchpad, Ubuntu, Debian |
vivid |
Not vulnerable
(1.0.1f-1ubuntu11.5)
|
upstream |
Released
(1.0.2f)
|
|
precise |
Not vulnerable
|
|
trusty |
Not vulnerable
|
|
wily |
Released
(1.0.2d-0ubuntu1.3)
|
|
Patches: upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=878e2c5b13010329c203f309ed0c8f2113f85648 upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=c5b831f21d0d29d1e517d139d9d101763f60c9a2 upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=75374adf8a6ff69d6718952121875a491ed2cd29 |
||
openssl098 Launchpad, Ubuntu, Debian |
vivid |
Not vulnerable
|
upstream |
Not vulnerable
|
|
precise |
Not vulnerable
|
|
trusty |
Does not exist
(trusty was not-affected)
|
|
wily |
Does not exist
|