CVE - CVE-2016-2181

CVE-ID
CVE-2016-2181	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The Anti-Replay feature in the DTLS implementation in OpenSSL before 1.1.0 mishandles early use of a new epoch number in conjunction with a large sequence number, which allows remote attackers to cause a denial of service (false-positive packet drops) via spoofed DTLS records, related to rec_layer_d1.c and ssl3_record.c.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
BID:92982 URL:http://www.securityfocus.com/bid/92982 CONFIRM:http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 CONFIRM:http://www-01.ibm.com/support/docview.wss?uid=swg21995039 CONFIRM:http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html CONFIRM:http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html CONFIRM:http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html CONFIRM:http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html CONFIRM:http://www.splunk.com/view/SP-CAAAPSV CONFIRM:http://www.splunk.com/view/SP-CAAAPUE CONFIRM:https://bto.bluecoat.com/security-advisory/sa132 CONFIRM:https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf CONFIRM:https://git.openssl.org/?p=openssl.git;a=commit;h=1fb9fdc3027b27d8eb6a1e6a846435b070980770 CONFIRM:https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312 CONFIRM:https://kc.mcafee.com/corporate/index?page=content&id=SB10215 CONFIRM:https://support.f5.com/csp/article/K59298921 CONFIRM:https://www.tenable.com/security/tns-2016-16 CONFIRM:https://www.tenable.com/security/tns-2016-20 CONFIRM:https://www.tenable.com/security/tns-2016-21 DEBIAN:DSA-3673 URL:http://www.debian.org/security/2016/dsa-3673 FREEBSD:FreeBSD-SA-16:26 URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc FULLDISC:20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities URL:http://seclists.org/fulldisclosure/2017/Jul/31 MISC:https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24 REDHAT:RHSA-2016:1940 URL:http://rhn.redhat.com/errata/RHSA-2016-1940.html SECTRACK:1036690 URL:http://www.securitytracker.com/id/1036690 SUSE:SUSE-SU-2016:2387 URL:http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.html SUSE:SUSE-SU-2016:2394 URL:http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.html SUSE:SUSE-SU-2016:2458 URL:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.html SUSE:SUSE-SU-2016:2468 URL:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.html SUSE:SUSE-SU-2016:2469 URL:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.html SUSE:SUSE-SU-2017:2699 URL:http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.html SUSE:SUSE-SU-2017:2700 URL:http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.html SUSE:openSUSE-SU-2016:2391 URL:http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.html SUSE:openSUSE-SU-2016:2407 URL:http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.html SUSE:openSUSE-SU-2016:2537 URL:http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.html SUSE:openSUSE-SU-2018:0458 URL:http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.html UBUNTU:USN-3087-1 URL:http://www.ubuntu.com/usn/USN-3087-1 UBUNTU:USN-3087-2 URL:http://www.ubuntu.com/usn/USN-3087-2
Assigning CNA
Red Hat, Inc.
Date Record Created
20160129	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20160129)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)