Vulnerability Details CVE-2016-6302

The tls_decrypt_ticket function in ssl/t1_lib.c in OpenSSL before 1.1.0 does not consider the HMAC size during validation of the ticket length, which allows remote attackers to cause a denial of service via a ticket that is too short.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.05
EPSS Ranking 89.2%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
Products affected by CVE-2016-6302
  • Openssl » Openssl » Version: 1.0.1
    cpe:2.3:a:openssl:openssl:1.0.1
  • Openssl » Openssl » Version: 1.0.1a
    cpe:2.3:a:openssl:openssl:1.0.1a
  • Openssl » Openssl » Version: 1.0.1b
    cpe:2.3:a:openssl:openssl:1.0.1b
  • Openssl » Openssl » Version: 1.0.1c
    cpe:2.3:a:openssl:openssl:1.0.1c
  • Openssl » Openssl » Version: 1.0.1d
    cpe:2.3:a:openssl:openssl:1.0.1d
  • Openssl » Openssl » Version: 1.0.1e
    cpe:2.3:a:openssl:openssl:1.0.1e
  • Openssl » Openssl » Version: 1.0.1f
    cpe:2.3:a:openssl:openssl:1.0.1f
  • Openssl » Openssl » Version: 1.0.1g
    cpe:2.3:a:openssl:openssl:1.0.1g
  • Openssl » Openssl » Version: 1.0.1h
    cpe:2.3:a:openssl:openssl:1.0.1h
  • Openssl » Openssl » Version: 1.0.1i
    cpe:2.3:a:openssl:openssl:1.0.1i
  • Openssl » Openssl » Version: 1.0.1j
    cpe:2.3:a:openssl:openssl:1.0.1j
  • Openssl » Openssl » Version: 1.0.1k
    cpe:2.3:a:openssl:openssl:1.0.1k
  • Openssl » Openssl » Version: 1.0.1l
    cpe:2.3:a:openssl:openssl:1.0.1l
  • Openssl » Openssl » Version: 1.0.1m
    cpe:2.3:a:openssl:openssl:1.0.1m
  • Openssl » Openssl » Version: 1.0.1n
    cpe:2.3:a:openssl:openssl:1.0.1n
  • Openssl » Openssl » Version: 1.0.1o
    cpe:2.3:a:openssl:openssl:1.0.1o
  • Openssl » Openssl » Version: 1.0.1p
    cpe:2.3:a:openssl:openssl:1.0.1p
  • Openssl » Openssl » Version: 1.0.1q
    cpe:2.3:a:openssl:openssl:1.0.1q
  • Openssl » Openssl » Version: 1.0.1r
    cpe:2.3:a:openssl:openssl:1.0.1r
  • Openssl » Openssl » Version: 1.0.1s
    cpe:2.3:a:openssl:openssl:1.0.1s
  • Openssl » Openssl » Version: 1.0.1t
    cpe:2.3:a:openssl:openssl:1.0.1t
  • Openssl » Openssl » Version: 1.0.2
    cpe:2.3:a:openssl:openssl:1.0.2
  • Openssl » Openssl » Version: 1.0.2a
    cpe:2.3:a:openssl:openssl:1.0.2a
  • Openssl » Openssl » Version: 1.0.2b
    cpe:2.3:a:openssl:openssl:1.0.2b
  • Openssl » Openssl » Version: 1.0.2c
    cpe:2.3:a:openssl:openssl:1.0.2c
  • Openssl » Openssl » Version: 1.0.2d
    cpe:2.3:a:openssl:openssl:1.0.2d
  • Openssl » Openssl » Version: 1.0.2e
    cpe:2.3:a:openssl:openssl:1.0.2e
  • Openssl » Openssl » Version: 1.0.2f
    cpe:2.3:a:openssl:openssl:1.0.2f
  • Openssl » Openssl » Version: 1.0.2g
    cpe:2.3:a:openssl:openssl:1.0.2g
  • Openssl » Openssl » Version: 1.0.2h
    cpe:2.3:a:openssl:openssl:1.0.2h
  • Oracle » Linux » Version: 6
    cpe:2.3:o:oracle:linux:6
  • Oracle » Linux » Version: 7
    cpe:2.3:o:oracle:linux:7
  • Oracle » Solaris » Version: 10
    cpe:2.3:o:oracle:solaris:10
  • Oracle » Solaris » Version: 11.3
    cpe:2.3:o:oracle:solaris:11.3

