Advisory ID

12268

Release date

2016-03-02

Last Updated

2016-03-02

Issue Severity

No Impact

 

Source

Source

OpenSSL.org

Release date

2016-03-01

CVSS v2 Base Score

Moderate

Problem Description

s2_srvr.c overwrites the wrong bytes in the master-key when applying Bleichenbacher protection for export cipher suites. This provides a Bleichenbacher oracle, and could potentially allow more efficient variants of the DROWN attack.

Find more about CVE-2016-0704 from MITRE CVE directory.

Impact

None.

 

Affected Products

All FoxT products have the SSLv2 protocol disabled and are thus not affected by this vulnerability.

Workaround

N/A.

Obtaining Fixed Software

N/A.

External References

OpenSSL Security Advisory.




Still have questions? We can help. Submit a case to Technical Support.

Last Modified On: April 16, 2019