CVE-2016-2183
01.09.2016, 00:59
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| redhat | jboss_enterprise_application_platform | 6.0.0 |
| redhat | jboss_enterprise_web_server | 1.0.0 |
| redhat | jboss_enterprise_web_server | 2.0.0 |
| redhat | jboss_web_server | 3.0 |
| redhat | enterprise_linux | 5.0 |
| redhat | enterprise_linux | 6.0 |
| redhat | enterprise_linux | 7.0 |
| python | python | 2.7.0 ≤ 𝑥 < 2.7.13 |
| python | python | 3.4.0 ≤ 𝑥 < 3.4.7 |
| python | python | 3.5.0 ≤ 𝑥 < 3.5.3 |
| cisco | content_security_management_appliance | 9.6.6-068 |
| cisco | content_security_management_appliance | 9.7.0-006 |
| openssl | openssl | 1.0.1a:a |
| openssl | openssl | 1.0.1b:b |
| openssl | openssl | 1.0.1c:c |
| openssl | openssl | 1.0.1d:d |
| openssl | openssl | 1.0.1e:e |
| openssl | openssl | 1.0.1f:f |
| openssl | openssl | 1.0.1g:g |
| openssl | openssl | 1.0.1h:h |
| openssl | openssl | 1.0.1i:i |
| openssl | openssl | 1.0.1j:j |
| openssl | openssl | 1.0.1k:k |
| openssl | openssl | 1.0.1l:l |
| openssl | openssl | 1.0.1m:m |
| openssl | openssl | 1.0.1n:n |
| openssl | openssl | 1.0.1o:o |
| openssl | openssl | 1.0.1p:p |
| openssl | openssl | 1.0.1q:q |
| openssl | openssl | 1.0.1r:r |
| openssl | openssl | 1.0.1t:t |
| openssl | openssl | 1.0.2a:a |
| openssl | openssl | 1.0.2b:b |
| openssl | openssl | 1.0.2c:c |
| openssl | openssl | 1.0.2d:d |
| openssl | openssl | 1.0.2e:e |
| openssl | openssl | 1.0.2f:f |
| openssl | openssl | 1.0.2h:h |
| oracle | database | 11.2.0.4 |
| oracle | database | 12.1.0.2 |
| nodejs | node.js | 0.10.0 ≤ 𝑥 < 0.10.47 |
| nodejs | node.js | 0.12.0 ≤ 𝑥 < 0.12.16 |
| nodejs | node.js | 4.0.0 ≤ 𝑥 < 4.1.2 |
| nodejs | node.js | 4.2.0 ≤ 𝑥 < 4.6.0 |
| nodejs | node.js | 6.0.0 ≤ 𝑥 < 6.7.0 |
𝑥
= Vulnerable software versions
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| gnutls26 |
| ||||||||||||||||||
| gnutls28 |
| ||||||||||||||||||
| nss |
| ||||||||||||||||||
| openjdk-6 |
| ||||||||||||||||||
| openjdk-7 |
| ||||||||||||||||||
| openjdk-8 |
| ||||||||||||||||||
| openssl |
| ||||||||||||||||||
| openssl098 |
|
openSUSE / SLES Releases
openSUSE Product | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| java-1_7_0-openjdk |
| ||||||||||||||||||||||||||||||||
| java-1_7_0-openjdk-demo |
| ||||||||||||||||||||||||||||||||
| java-1_7_0-openjdk-devel |
| ||||||||||||||||||||||||||||||||
| java-1_7_0-openjdk-headless |
| ||||||||||||||||||||||||||||||||
| java-1_8_0-openjdk |
| ||||||||||||||||||||||||||||||||
| java-1_8_0-openjdk-demo |
| ||||||||||||||||||||||||||||||||
| java-1_8_0-openjdk-devel |
| ||||||||||||||||||||||||||||||||
| java-1_8_0-openjdk-headless |
| ||||||||||||||||||||||||||||||||
| libopenssl-devel |
| ||||||||||||||||||||||||||||||||
| libopenssl-fips-provider |
| ||||||||||||||||||||||||||||||||
| libwsman-devel |
| ||||||||||||||||||||||||||||||||
| libwsman3 |
| ||||||||||||||||||||||||||||||||
| nodejs4 |
| ||||||||||||||||||||||||||||||||
| nodejs4-devel |
| ||||||||||||||||||||||||||||||||
| nodejs4-docs |
| ||||||||||||||||||||||||||||||||
| npm4 |
| ||||||||||||||||||||||||||||||||
| openssl |
| ||||||||||||||||||||||||||||||||
| openwsman-server |
|
Red Hat Enterprise Linux Releases
Red Hat Product | |||||
|---|---|---|---|---|---|
| java-1.6.0-ibm |
| ||||
| java-1.6.0-ibm-demo |
| ||||
| java-1.6.0-ibm-devel |
| ||||
| java-1.6.0-ibm-javacomm |
| ||||
| java-1.6.0-ibm-jdbc |
| ||||
| java-1.6.0-ibm-plugin |
| ||||
| java-1.6.0-ibm-src |
| ||||
| java-1.7.1-ibm |
| ||||
| java-1.7.1-ibm-demo |
| ||||
| java-1.7.1-ibm-devel |
| ||||
| java-1.7.1-ibm-jdbc |
| ||||
| java-1.7.1-ibm-plugin |
| ||||
| java-1.7.1-ibm-src |
| ||||
| java-1.8.0-ibm |
| ||||
| java-1.8.0-ibm-demo |
| ||||
| java-1.8.0-ibm-devel |
| ||||
| java-1.8.0-ibm-jdbc |
| ||||
| java-1.8.0-ibm-plugin |
| ||||
| java-1.8.0-ibm-src |
| ||||
| openssl |
| ||||
| openssl-devel |
| ||||
| openssl-libs |
| ||||
| openssl-perl |
| ||||
| openssl-static |
| ||||
| python |
| ||||
| python-debug |
| ||||
| python-devel |
| ||||
| python-libs |
| ||||
| python-test |
| ||||
| python-tools |
| ||||
| tkinter |
|
Common Weakness Enumeration