OpenSSL buffer Overflow Denial of Service Vulnerability (CVE-2016-2177)

OpenSSL buffer Overflow Denial of Service Vulnerability (CVE-2016-2177)
OpenSSL buffer Overflow Denial of Service Vulnerability (CVE-2016-2177)

Release date:
Updated on:

Affected Systems:

OpenSSL Project OpenSSL <= 1.0.2h

Description:

CVE (CAN) ID: CVE-2016-2177

OpenSSL is an open-source SSL implementation that implements high-strength encryption for network communication. It is widely used in various network applications.

In OpenSSL <= 1.0.2h, pointer is not correctly used in heap buffer boundary check. Remote attackers exploit this vulnerability to cause DOS.

<* Source: Adam Mari & #353;
*>

Suggestion:

Vendor patch:

OpenSSL Project
---------------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:

Https://bugzilla.redhat.com/show_bug.cgi? Id = 1341705
Https://git.openssl.org /? P = openssl. git; a = commit; h = a004e72b95835136d3f1ea90517f706c24c03da7

For more information about OpenSSL, see the following links:

Use OpenSSL command line to build CA and Certificate

Install OpenSSL in Ubuntu

Provides FTP + SSL/TLS authentication through OpenSSL and implements secure data transmission.

Use OpenSSL to generate certificates in Linux

Use OpenSSL to sign multi-domain certificates

Add a custom encryption algorithm to OpenSSL

OpenSSL details: click here
OpenSSL: click here

This article permanently updates the link address: