ID

VAR-201801-0027


CVE

CVE-2016-10708


TITLE

OpenSSH In NULL Pointer dereference vulnerability

Trust: 0.8

sources: JVNDB: JVNDB-2016-008892

DESCRIPTION

sshd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. OpenSSH is prone to multiple denial-of-service vulnerabilities. An attacker can leverage these issues to crash the affected application, denying service to legitimate users. Versions prior to OpenSSH 7.4 are vulnerable. ========================================================================== Ubuntu Security Notice USN-3809-2 August 12, 2021 openssh regression ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 18.04 LTS Summary: USN-3809-1 introduced a regression in OpenSSH. Software Description: - openssh: secure shell (SSH) for secure access to remote machines Details: USN-3809-1 fixed vulnerabilities in OpenSSH. The update for CVE-2018-15473 was incomplete and could introduce a regression in certain environments. This update fixes the problem. We apologize for the inconvenience. Original advisory details: Robert Swiecki discovered that OpenSSH incorrectly handled certain messages. This issue only affected Ubuntu 14.04 LTS and Ubuntu 16.04 LTS. (CVE-2016-10708) It was discovered that OpenSSH incorrectly handled certain requests. An attacker could possibly use this issue to access sensitive information. (CVE-2018-15473) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 18.04 LTS: openssh-server 1:7.6p1-4ubuntu0.5 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-3809-2 https://ubuntu.com/security/notices/USN-3809-1 https://launchpad.net/bugs/1934501 Package Information: https://launchpad.net/ubuntu/+source/openssh/1:7.6p1-4ubuntu0.5

Trust: 2.7

sources: NVD: CVE-2016-10708 // JVNDB: JVNDB-2016-008892 // CNNVD: CNNVD-202104-975 // BID: 102780 // VULMON: CVE-2016-10708 // PACKETSTORM: 150190 // PACKETSTORM: 163809

AFFECTED PRODUCTS

vendor:openbsdmodel:opensshscope:ltversion:7.4

Trust: 1.8

vendor:debianmodel:linuxscope:eqversion:7.0

Trust: 1.6

vendor:canonicalmodel:ubuntu linuxscope:eqversion:18.04

Trust: 1.0

vendor:debianmodel:linuxscope:eqversion:8.0

Trust: 1.0

vendor:netappmodel:data ontap edgescope:eqversion: -

Trust: 1.0

vendor:netappmodel:clustered data ontapscope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:16.04

Trust: 1.0

vendor:netappmodel:cloud backupscope:eqversion: -

Trust: 1.0

vendor:canonicalmodel:ubuntu linuxscope:eqversion:14.04

Trust: 1.0

vendor:netappmodel:service processorscope:eqversion: -

Trust: 1.0

vendor:netappmodel:storagegridscope:eqversion: -

Trust: 1.0

vendor:netappmodel:storagegrid webscalescope:eqversion: -

Trust: 1.0

vendor:netappmodel:data ontapscope:eqversion: -

Trust: 1.0

vendor:netappmodel:oncommand unified managerscope:gteversion:9.4

Trust: 1.0

vendor:netappmodel:vasa providerscope:eqversion: -

Trust: 1.0

vendor:debianmodel:gnu/linuxscope:eqversion:7.0

Trust: 0.8

vendor:opensshmodel:opensshscope:eqversion:4.2

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:4.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:4.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:4.0

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:4.0

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.9

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.8.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.8

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.7.2

Trust: 0.3

vendor:opensshmodel:p2scope:eqversion:3.7.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.7.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.7.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.7

Trust: 0.3

vendor:opensshmodel:.1p2scope:eqversion:3.7

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.7

Trust: 0.3

vendor:opensshmodel:p2scope:eqversion:3.6.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.6.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.6.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.5

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.5

Trust: 0.3

vendor:opensshmodel:p1-7scope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:p1-6scope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:p1-5scope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:p1-4scope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:p1-3scope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:p1-2scope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:p1-1scope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.4

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.3

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.3

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.2.3

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.2.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.2

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.0.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.0.2

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.0.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.0.1

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:3.0

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:3.0

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:2.9.9

Trust: 0.3

vendor:opensshmodel:p2scope:eqversion:2.9

Trust: 0.3

vendor:opensshmodel:p1scope:eqversion:2.9

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:2.9

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:2.5.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:2.5.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:2.5

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:2.3

Trust: 0.3

vendor:opensshmodel:.0p1scope:eqversion:2.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:2.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:2.1.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:2.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:1.2.3

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:1.2.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:7.3

Trust: 0.3

vendor:opensshmodel:7.2p2scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:7.2

Trust: 0.3

vendor:opensshmodel:7.1p2scope: - version: -

Trust: 0.3

vendor:opensshmodel:7.1p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:7.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:7.0

Trust: 0.3

vendor:opensshmodel:6.9p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.9

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.8

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.7

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.6

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.5

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.4

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.3

Trust: 0.3

vendor:opensshmodel:6.2p2scope: - version: -

Trust: 0.3

vendor:opensshmodel:6.2p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.1

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:6.0

Trust: 0.3

vendor:opensshmodel:p2scope:eqversion:5.8

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:5.8

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:5.7

Trust: 0.3

vendor:opensshmodel:5.6p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:5.6

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:5.5

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:5.4

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:5.3

Trust: 0.3

vendor:opensshmodel:5.2p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:5.2

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:5.1

Trust: 0.3

vendor:opensshmodel:5.0p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:5.0

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:4.9

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:4.8

Trust: 0.3

vendor:opensshmodel:4.7p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:4.7

Trust: 0.3

vendor:opensshmodel:4.6p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:4.6

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:4.5

Trust: 0.3

vendor:opensshmodel:4.4.p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:4.4

Trust: 0.3

vendor:opensshmodel:4.3p2scope: - version: -

Trust: 0.3

vendor:opensshmodel:4.3p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:4.3.0

Trust: 0.3

vendor:opensshmodel:4.2p1scope: - version: -

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:1.127

Trust: 0.3

vendor:opensshmodel:opensshscope:eqversion:1.126

Trust: 0.3

vendor:opensshmodel:opensshscope:neversion:7.4

Trust: 0.3

sources: BID: 102780 // JVNDB: JVNDB-2016-008892 // CNNVD: CNNVD-201801-812 // NVD: CVE-2016-10708

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-10708
value: HIGH

Trust: 1.0

NVD: CVE-2016-10708
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201801-812
value: HIGH

Trust: 0.6

VULMON: CVE-2016-10708
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-10708
severity: MEDIUM
baseScore: 5.0
vectorString: AV:N/AC:L/AU:N/C:N/I:N/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: PARTIAL
exploitabilityScore: 10.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2016-10708
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: NONE
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULMON: CVE-2016-10708 // JVNDB: JVNDB-2016-008892 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-201801-812 // NVD: CVE-2016-10708

PROBLEMTYPE DATA

problemtype:CWE-476

Trust: 1.8

sources: JVNDB: JVNDB-2016-008892 // NVD: CVE-2016-10708

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201801-812

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-008892

PATCH

title:[SECURITY] [DLA 1257-1] openssh security updateurl:https://lists.debian.org/debian-lts-announce/2018/01/msg00031.html

Trust: 0.8

title:OpenSSH 7.4/7.4p1 (2016-12-19)url:https://www.openssh.com/releasenotes.html

Trust: 0.8

title:OpenSSH sshd Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=77982

Trust: 0.6

title:Ubuntu Security Notice: openssh vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3809-1

Trust: 0.1

title:Red Hat: CVE-2016-10708url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2016-10708

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=9b9cd7dc5027a97c903c1917360c57fd

Trust: 0.1

title:IBM: IBM Security Bulletin: IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in OpenSSHurl:https://vulmon.com/vendoradvisory?qidtp=ibm_psirt_blog&qid=09467db835e132cd1a0a8012efa155dc

Trust: 0.1

title:Symantec Security Advisories: OpenSSH Vulnerabilities Jan-Aug 2018url:https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=eafec7859e071aa17b0b5511d3b3eb53

Trust: 0.1

title:nmapurl:https://github.com/project7io/nmap

Trust: 0.1

title:nmapurl:https://github.com/devairdarolt/nmap

Trust: 0.1

title:pigaturl:https://github.com/teamssix/pigat

Trust: 0.1

sources: VULMON: CVE-2016-10708 // JVNDB: JVNDB-2016-008892 // CNNVD: CNNVD-201801-812

EXTERNAL IDS

db:NVDid:CVE-2016-10708

Trust: 3.0

db:BIDid:102780

Trust: 1.9

db:SIEMENSid:SSA-676336

Trust: 1.6

db:MCAFEEid:SB10284

Trust: 1.6

db:JVNDBid:JVNDB-2016-008892

Trust: 0.8

db:PACKETSTORMid:163809

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:AUSCERTid:ESB-2021.2750

Trust: 0.6

db:AUSCERTid:ESB-2019.4243

Trust: 0.6

db:CS-HELPid:SB2021091616

Trust: 0.6

db:CNNVDid:CNNVD-201801-812

Trust: 0.6

db:VULMONid:CVE-2016-10708

Trust: 0.1

db:PACKETSTORMid:150190

Trust: 0.1

sources: VULMON: CVE-2016-10708 // BID: 102780 // JVNDB: JVNDB-2016-008892 // PACKETSTORM: 150190 // PACKETSTORM: 163809 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-201801-812 // NVD: CVE-2016-10708

REFERENCES

url:http://www.securityfocus.com/bid/102780

Trust: 2.2

url:http://blog.swiecki.net/2018/01/fuzzing-tcp-servers.html

Trust: 1.9

url:https://anongit.mindrot.org/openssh.git/commit/?id=28652bca29046f62c7045e933e6b931de1d16737

Trust: 1.9

url:https://www.openssh.com/releasenotes.html

Trust: 1.9

url:https://kc.mcafee.com/corporate/index?page=content&id=sb10284

Trust: 1.6

url:https://cert-portal.siemens.com/productcert/pdf/ssa-676336.pdf

Trust: 1.6

url:https://security.netapp.com/advisory/ntap-20180423-0003/

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2018/01/msg00031.html

Trust: 1.6

url:https://usn.ubuntu.com/3809-1/

Trust: 1.6

url:https://lists.debian.org/debian-lts-announce/2018/09/msg00010.html

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2016-10708

Trust: 1.0

url:https://support.f5.com/csp/article/k32485746?utm_source=f5support&amp%3butm_medium=rss

Trust: 1.0

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-10708

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://support.f5.com/csp/article/k32485746?utm_source=f5support&utm_medium=rss

Trust: 0.6

url:https://support.f5.com/csp/article/k32485746

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2019.4243/

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021091616

Trust: 0.6

url:http://www.ibm.com/support/docview.wss?uid=ibm10874464

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2021.2750

Trust: 0.6

url:https://packetstormsecurity.com/files/163809/ubuntu-security-notice-usn-3809-2.html

Trust: 0.6

url:http://www.openssh.com

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=1537929

Trust: 0.3

url:https://access.redhat.com/security/cve/cve-2016-10708

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2018-15473

Trust: 0.2

url:https://launchpad.net/ubuntu/+source/openssh/1:7.2p2-4ubuntu2.6

Trust: 0.1

url:https://usn.ubuntu.com/usn/usn-3809-1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssh/1:7.6p1-4ubuntu0.1

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssh/1:6.6p1-2ubuntu2.11

Trust: 0.1

url:https://launchpad.net/bugs/1934501

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-3809-2

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/openssh/1:7.6p1-4ubuntu0.5

Trust: 0.1

url:https://ubuntu.com/security/notices/usn-3809-1

Trust: 0.1

sources: BID: 102780 // JVNDB: JVNDB-2016-008892 // PACKETSTORM: 150190 // PACKETSTORM: 163809 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-201801-812 // NVD: CVE-2016-10708

CREDITS

The vendor reported this issue.

Trust: 0.3

sources: BID: 102780

SOURCES

db:VULMONid:CVE-2016-10708
db:BIDid:102780
db:JVNDBid:JVNDB-2016-008892
db:PACKETSTORMid:150190
db:PACKETSTORMid:163809
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-201801-812
db:NVDid:CVE-2016-10708

LAST UPDATE DATE

2024-08-14T12:57:09.147000+00:00


SOURCES UPDATE DATE

db:VULMONid:CVE-2016-10708date:2021-09-14T00:00:00
db:BIDid:102780date:2018-01-21T00:00:00
db:JVNDBid:JVNDB-2016-008892date:2018-02-23T00:00:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-201801-812date:2021-09-17T00:00:00
db:NVDid:CVE-2016-10708date:2023-11-07T02:29:41.667

SOURCES RELEASE DATE

db:VULMONid:CVE-2016-10708date:2018-01-21T00:00:00
db:BIDid:102780date:2018-01-21T00:00:00
db:JVNDBid:JVNDB-2016-008892date:2018-02-23T00:00:00
db:PACKETSTORMid:150190date:2018-11-06T21:04:06
db:PACKETSTORMid:163809date:2021-08-12T15:49:43
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-201801-812date:2018-01-23T00:00:00
db:NVDid:CVE-2016-10708date:2018-01-21T22:29:00.227