CVE-2016-0787 - OpenCVE

The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a "bits/bytes confusion bug."

No CVSS v3.1

Attack Vector Network

Attack Complexity High

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:M/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Debian	Debian Linux
Opensuse	Opensuse
Libssh2	Libssh2
Fedoraproject	Fedora

Configuration 1 [-]

OR	cpe:2.3:o:fedoraproject:fedora:22:::::::*
	cpe:2.3:o:fedoraproject:fedora:23:::::::*

Configuration 2 [-]

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*

Configuration 4 [-]

OR	cpe:2.3:o:debian:debian_linux:7.0:::::::*
	cpe:2.3:o:debian:debian_linux:8.0:::::::*

References

Link	Resource
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html
http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html
http://www.debian.org/security/2016/dsa-3487
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
http://www.securityfocus.com/bid/82514
https://bto.bluecoat.com/security-advisory/sa120
https://kc.mcafee.com/corporate/index?page=content&id=SB10156
https://puppet.com/security/cve/CVE-2016-0787
https://security.gentoo.org/glsa/201606-12	Third Party Advisory
https://www.libssh2.org/CVE-2016-0787.patch	Patch
https://www.libssh2.org/adv_20160223.html	Vendor Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: redhat

Published: 2016-04-13T17:00:00

Updated: 2017-12-08T10:57:01

Reserved: 2015-12-16T00:00:00

Link: CVE-2016-0787

JSON object: View

NVD Information

Status : Modified

Published: 2016-04-13T17:59:10.930

Modified: 2018-10-30T16:27:35.843

Link: CVE-2016-0787

JSON object: View

Redhat Information

No data.

CWE

CWE-200

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-02-23T00:00:00", "descriptions": [{"lang": "en", "value": "The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\""}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-12-08T10:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "FEDORA-2016-215a2219b1", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10156"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.libssh2.org/CVE-2016-0787.patch"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://www.libssh2.org/adv_20160223.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://puppet.com/security/cve/CVE-2016-0787"}, {"name": "FEDORA-2016-7942ee2cc5", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html"}, {"name": "GLSA-201606-12", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201606-12"}, {"name": "openSUSE-SU-2016:0639", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bto.bluecoat.com/security-advisory/sa120"}, {"name": "DSA-3487", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2016/dsa-3487"}, {"name": "82514", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/82514"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2016-0787", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\""}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FEDORA-2016-215a2219b1", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html"}, {"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10156", "refsource": "CONFIRM", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10156"}, {"name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"name": "https://www.libssh2.org/CVE-2016-0787.patch", "refsource": "CONFIRM", "url": "https://www.libssh2.org/CVE-2016-0787.patch"}, {"name": "https://www.libssh2.org/adv_20160223.html", "refsource": "CONFIRM", "url": "https://www.libssh2.org/adv_20160223.html"}, {"name": "https://puppet.com/security/cve/CVE-2016-0787", "refsource": "CONFIRM", "url": "https://puppet.com/security/cve/CVE-2016-0787"}, {"name": "FEDORA-2016-7942ee2cc5", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html"}, {"name": "GLSA-201606-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201606-12"}, {"name": "openSUSE-SU-2016:0639", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html"}, {"name": "https://bto.bluecoat.com/security-advisory/sa120", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa120"}, {"name": "DSA-3487", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3487"}, {"name": "82514", "refsource": "BID", "url": "http://www.securityfocus.com/bid/82514"}]}}}}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2016-0787", "datePublished": "2016-04-13T17:00:00", "dateReserved": "2015-12-16T00:00:00", "dateUpdated": "2017-12-08T10:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*", "matchCriteriaId": "253C303A-E577-4488-93E6-68A8DD942C38", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*", "matchCriteriaId": "E79AB8DD-C907-4038-A931-1A5A4CFB6A5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*", "matchCriteriaId": "03117DF1-3BEC-4B8D-AD63-DBBDB2126081", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:libssh2:libssh2:*:*:*:*:*:*:*:*", "matchCriteriaId": "D67987A0-3291-477D-B62B-31DFB7BC3E92", "versionEndIncluding": "1.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The diffie_hellman_sha256 function in kex.c in libssh2 before 1.7.0 improperly truncates secrets to 128 or 256 bits, which makes it easier for man-in-the-middle attackers to decrypt or intercept SSH sessions via unspecified vectors, aka a \"bits/bytes confusion bug.\""}, {"lang": "es", "value": "La funci\u00f3n diffie_hellman_sha256 en kex.c en libssh2 en versiones anteriores a 1.7.0 trunca de manera incorrecta secretos a 128 o 256 bits, lo que hace m\u00e1s f\u00e1cil para atacantes man-in-the-middle descifrar o interceptar sesiones SSH a trav\u00e9s de vectores no especificados, tambi\u00e9n conocido como \"bits/bytes confusion bug\"."}], "id": "CVE-2016-0787", "lastModified": "2018-10-30T16:27:35.843", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 4.3, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 2.2, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2016-04-13T17:59:10.930", "references": [{"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177980.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178573.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2016-03/msg00008.html"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2016/dsa-3487"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/82514"}, {"source": "secalert@redhat.com", "url": "https://bto.bluecoat.com/security-advisory/sa120"}, {"source": "secalert@redhat.com", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10156"}, {"source": "secalert@redhat.com", "url": "https://puppet.com/security/cve/CVE-2016-0787"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201606-12"}, {"source": "secalert@redhat.com", "tags": ["Patch"], "url": "https://www.libssh2.org/CVE-2016-0787.patch"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "https://www.libssh2.org/adv_20160223.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "nvd@nist.gov", "type": "Primary"}]}