Vulnerability Change Records for CVE-2016-6304

Change History

CVE Modified by Red Hat, Inc. 1/06/2017 10:0:38 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-2802.html [No Types Assigned]

Modified Analysis 9/27/2016 12:38:50 PM

Action Type Old Value New Value
Added CPE Configuration

								
							
							
						
Configuration 1
     OR
          *cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*
Added CVSS V2

								
							
							
						
(AV:N/AC:L/Au:N/C:N/I:N/A:C)
Added CVSS V3

								
							
							
						
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Added CWE

								
							
							
						
CWE-399
Changed Reference Type
https://git.openssl.org/?p=openssl.git;a=commit;h=2c0d295e26306e15a92eb23a84a1802005c1c137 No Types Assigned
https://git.openssl.org/?p=openssl.git;a=commit;h=2c0d295e26306e15a92eb23a84a1802005c1c137 Issue Tracking
Changed Reference Type
https://www.openssl.org/news/secadv/20160922.txt No Types Assigned
https://www.openssl.org/news/secadv/20160922.txt Vendor Advisory

CVE Modified by Red Hat, Inc. 1/04/2018 9:31:06 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2016-1940.html [No Types Assigned]
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2017-1415.html [No Types Assigned]
Added Reference

								
							
							
						
http://rhn.redhat.com/errata/RHSA-2017-1659.html [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2017:1413 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2017:1414 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2017:1658 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2017:1801 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2017:1802 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2017:2493 [No Types Assigned]
Added Reference

								
							
							
						
https://access.redhat.com/errata/RHSA-2017:2494 [No Types Assigned]

CVE Modified by Source 10/11/2016 10:3:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html
Added Reference

								
							
							
						
https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/

CVE Modified by Red Hat, Inc. 1/18/2018 1:18:06 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html [No Types Assigned]

CVE Modified by Red Hat, Inc. 11/02/2017 9:29:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2016-20 [No Types Assigned]
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2016-21 [No Types Assigned]

CVE Modified by Red Hat, Inc. 10/19/2017 9:29:09 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html [No Types Assigned]

CVE Modified by Red Hat, Inc. 8/08/2017 9:29:06 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html [No Types Assigned]

CVE Modified by Red Hat, Inc. 7/25/2017 9:29:01 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1037640 [No Types Assigned]

CVE Modified by Red Hat, Inc. 7/29/2017 9:29:09 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securitytracker.com/id/1036878 [No Types Assigned]

CVE Modified by Red Hat, Inc. 12/27/2016 9:59:31 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 [No Types Assigned]
Added Reference

								
							
							
						
https://bto.bluecoat.com/security-advisory/sa132 [No Types Assigned]
Added Reference

								
							
							
						
https://kc.mcafee.com/corporate/index?page=content&id=SB10171 [No Types Assigned]
Added Reference

								
							
							
						
https://security.gentoo.org/glsa/201612-16 [No Types Assigned]

Modified Analysis 10/13/2016 5:1:08 PM

Action Type Old Value New Value
Changed CPE Configuration
Configuration 1
     OR
          *cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*
Configuration 1
     OR
          *cpe:2.3:a:openssl:openssl:1.0.2:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2:beta1:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2:beta2:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2:beta3:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2a:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2b:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2c:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2d:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2e:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2f:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.2h:*:*:*:*:*:*:*
Configuration 2
     OR
          *cpe:2.3:a:openssl:openssl:1.1.0:*:*:*:*:*:*:*
Configuration 3
     OR
          *cpe:2.3:a:openssl:openssl:1.0.1s:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:beta1:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:beta2:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1:beta3:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1a:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1b:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1c:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1d:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1e:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1f:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1g:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1h:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1i:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1j:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1k:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1l:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1m:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1n:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1o:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1p:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1q:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1r:*:*:*:*:*:*:*
          *cpe:2.3:a:openssl:openssl:1.0.1t:*:*:*:*:*:*:*
Configuration 4
     OR
          *cpe:2.3:a:nodejs:node.js:6.6.0:*:*:*:*:*:*:* (and previous)
Configuration 5
     OR
          *cpe:2.3:o:novell:suse_linux_enterprise_module_for_web_scripting:12.0:*:*:*:*:*:*:*
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.html Third Party Advisory
Changed Reference Type
https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ No Types Assigned
https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/ Third Party Advisory

CVE Modified by Red Hat, Inc. 2/01/2017 9:59:03 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www-01.ibm.com/support/docview.wss?uid=swg21995039 [No Types Assigned]
Added Reference

								
							
							
						
https://www.tenable.com/security/tns-2016-16 [No Types Assigned]

CVE Modified by Source 10/25/2016 10:2:31 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

CVE Modified by Red Hat, Inc. 12/23/2016 9:59:42 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.splunk.com/view/SP-CAAAPSV [No Types Assigned]
Added Reference

								
							
							
						
http://www.splunk.com/view/SP-CAAAPUE [No Types Assigned]

CVE Modified by Source 10/26/2016 10:0:43 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html

CVE Modified by Red Hat, Inc. 11/20/2017 9:29:05 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:26.openssl.asc [No Types Assigned]

CVE Modified by Red Hat, Inc. 4/19/2018 9:29:16 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html [No Types Assigned]

Initial CVE Analysis 9/27/2016 8:42:02 AM

Action Type Old Value New Value

CVE Modified by Red Hat, Inc. 11/28/2016 3:31:17 PM

Action Type Old Value New Value
Added Reference

								
							
							
						
http://www.securityfocus.com/bid/93150 [No Types Assigned]