CVE-2016-0703

Priority
Description
The get_client_master_key function in s2_srvr.c in the SSLv2 implementation
in OpenSSL before 0.9.8zf, 1.0.0 before 1.0.0r, 1.0.1 before 1.0.1m, and
1.0.2 before 1.0.2a accepts a nonzero CLIENT-MASTER-KEY CLEAR-KEY-LENGTH
value for an arbitrary cipher, which allows man-in-the-middle attackers to
determine the MASTER-KEY value and decrypt TLS ciphertext data by
leveraging a Bleichenbacher RSA padding oracle, a related issue to
CVE-2016-0800.
Notes
mdeslauropenssl in Ubuntu is compiled with no-ssl2
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Package
Upstream:needs-triage
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was not-affected)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2020-03-18 22:42:51 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)