Your submission was sent successfully! Close

CVE-2016-0800

Published: 1 March 2016

The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.

Priority

Medium

CVSS 3 base score: 5.9

Status

Package Release Status
openssl
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Not vulnerable

upstream Needs triage

vivid Not vulnerable

wily Not vulnerable

openssl098
Launchpad, Ubuntu, Debian
precise Not vulnerable

trusty Does not exist
(trusty was not-affected)
upstream Needs triage

vivid Not vulnerable

wily Does not exist