CVE-2016-2217 - OpenCVE

The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret.

No CVSS v3.1

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact Low

Integrity Impact None

Availability Impact None

User Interaction None

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact None

Availability Impact None

AV:N/AC:L/Au:N/C:P/I:N/A:N

Vendors & Products
CPE Configurations

Vendors	Products
Dest-unreach	Socat

Configuration 1 [-]

OR	cpe:2.3:a:dest-unreach:socat:1.7.3.0:::::::*
	cpe:2.3:a:dest-unreach:socat:2.0.0:b8::::::

References

Link	Resource
http://www.dest-unreach.org/socat/contrib/socat-secadv7.html	Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/02/01/4	Mailing List Patch Third Party Advisory
http://www.openwall.com/lists/oss-security/2016/02/04/1	Third Party Advisory
https://security.gentoo.org/glsa/201612-23

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: mitre

Published: 2017-01-30T22:00:00

Updated: 2017-06-30T16:57:01

Reserved: 2016-02-03T00:00:00

Link: CVE-2016-2217

JSON object: View

NVD Information

Status : Modified

Published: 2017-01-30T22:59:00.310

Modified: 2017-07-01T01:29:38.123

Link: CVE-2016-2217

JSON object: View

Redhat Information

No data.

CWE

CWE-320

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2016-02-01T00:00:00", "descriptions": [{"lang": "en", "value": "The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-06-30T16:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "GLSA-201612-23", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201612-23"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html"}, {"name": "[oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/02/04/1"}, {"name": "[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2016/02/01/4"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-2217", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201612-23", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201612-23"}, {"name": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html", "refsource": "CONFIRM", "url": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html"}, {"name": "[oss-security] 20160203 Re: Socat security advisory 7 - Created new 2048bit DH modulus", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/02/04/1"}, {"name": "[oss-security] 20160201 Socat security advisory 7 - Created new 2048bit DH modulus", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2016/02/01/4"}]}}}}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-2217", "datePublished": "2017-01-30T22:00:00", "dateReserved": "2016-02-03T00:00:00", "dateUpdated": "2017-06-30T16:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dest-unreach:socat:1.7.3.0:*:*:*:*:*:*:*", "matchCriteriaId": "E2E98265-AE64-4C62-A138-370C7A30E39A", "vulnerable": true}, {"criteria": "cpe:2.3:a:dest-unreach:socat:2.0.0:b8:*:*:*:*:*:*", "matchCriteriaId": "6AFF8CA8-2FD9-48A9-B8BB-B1FE26D48865", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "The OpenSSL address implementation in Socat 1.7.3.0 and 2.0.0-b8 does not use a prime number for the DH, which makes it easier for remote attackers to obtain the shared secret."}, {"lang": "es", "value": "La implementaci\u00f3n de direcciones OpenSSL en Socat 1.7.3.0 y 2.0.0-b8 no utiliza un n\u00famero primo para el DH, lo que facilita a los atacantes remotos obtener el secreto compartido."}], "id": "CVE-2016-2217", "lastModified": "2017-07-01T01:29:38.123", "metrics": {"cvssMetricV2": [{"acInsufInfo": true, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.0"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2017-01-30T22:59:00.310", "references": [{"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "http://www.dest-unreach.org/socat/contrib/socat-secadv7.html"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/02/01/4"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "http://www.openwall.com/lists/oss-security/2016/02/04/1"}, {"source": "cve@mitre.org", "url": "https://security.gentoo.org/glsa/201612-23"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-320"}], "source": "nvd@nist.gov", "type": "Primary"}]}