QwikSec

Security Database

CVE

CWE

Training

CVE-2016-8610

Published: Nov 13, 2017

Modified: Aug 6, 2024

PUBLISHED

Description

A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amount of CPU and fail to accept connections from other clients.

Vendor	Product	Versions
OpenSSL	OpenSSL	affected `All 0.9.8` affected `All 1.0.1` affected `1.0.2 through 1.0.2h` affected `1.1.0`

Weaknesses (CWE)

References

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

FreeBSD-SA-16:35

vendor-advisory

x_refsource_FREEBSD

vendor-advisory

x_refsource_REDHAT

[oss-security] 20161024 CVE-2016-8610: SSL Death Alert: OpenSSL SSL/TLS SSL3_AL_WARNING undefined alert Remote DoS

mailing-list

x_refsource_MLIST

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_DEBIAN

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_SECTRACK

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_REDHAT

https://www.oracle.com/security-alerts/cpuapr2020.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpujul2020.html

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

x_refsource_MISC

https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

x_refsource_MISC

https://www.oracle.com/security-alerts/cpujan2020.html

x_refsource_MISC

https://security.netapp.com/advisory/ntap-20171130-0001/

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-8610

x_refsource_CONFIRM

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=af58be768ebb690f78530f796e92b8ae5c9a4401

x_refsource_CONFIRM

https://security.360.cn/cve/CVE-2016-8610/

x_refsource_MISC

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03897en_us

x_refsource_CONFIRM

https://security.paloaltonetworks.com/CVE-2016-8610

x_refsource_CONFIRM

https://www.oracle.com/security-alerts/cpuoct2020.html

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.