一、 漏洞 CVE-2016-2183 基础信息
漏洞信息
# N/A
## 漏洞概述
DES (Data Encryption Standard) 和 Triple DES 加密算法在 TLS、SSH 和 IPSec 协议以及其他协议和产品中使用时存在生日攻击(Birthday Attack)漏洞。攻击者可以通过针对长时间加密会话,如使用 Triple DES 在 CBC 模式下的 HTTPS 会话,来获取明文数据。
## 影响版本(如有)
无特定版本信息。
## 漏洞细节
DES 和 Triple DES 加密算法的生日边界大约为四亿个数据块。这意味着远程攻击者可以通过发起生日攻击,针对长时间加密的会话,获得明文数据。特别提到的例子是使用 Triple DES 在 CBC 模式下的 HTTPS 会话。
## 影响
攻击者可以利用此漏洞通过生日攻击获取长期加密会话的明文数据,导致隐私泄露和数据安全受损。此漏洞被称为 "Sweet32" 攻击。
神龙判断
是否为 Web 类漏洞: 否
判断理由:
否。这个漏洞影响的是加密算法(DES和Triple DES)的安全性,而不是特定于Web服务的服务端漏洞。它是在使用这些加密算法进行数据传输时,由于加密算法本身的局限性而导致的安全问题。Sweet32攻击利用了这一弱点,通过 birthday attack(生日攻击)能够从加密的通信中恢复明文数据,特别是在长时间的会话中。这种攻击影响了使用这些加密算法的多种协议和产品,包括TLS、SSH和IPSec等。
提示
尽管我们采用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
神龙会尽力确保数据准确,但也请结合实际情况进行甄别与判断。
神龙祝您一切顺利!
漏洞标题
N/A
来源:美国国家漏洞数据库 NVD
漏洞描述信息
The DES and Triple DES ciphers, as used in the TLS, SSH, and IPSec protocols and other protocols and products, have a birthday bound of approximately four billion blocks, which makes it easier for remote attackers to obtain cleartext data via a birthday attack against a long-duration encrypted session, as demonstrated by an HTTPS session using Triple DES in CBC mode, aka a "Sweet32" attack.
来源:美国国家漏洞数据库 NVD
CVSS信息
N/A
来源:美国国家漏洞数据库 NVD
漏洞类别
N/A
来源:美国国家漏洞数据库 NVD
漏洞标题
OpenSSL 信息泄露漏洞
来源:中国国家信息安全漏洞库 CNNVD
漏洞描述信息
OpenSSL是OpenSSL团队的一个开源的能够实现安全套接层(SSLv2/v3)和安全传输层(TLSv1)协议的通用加密库。该产品支持多种加密算法,包括对称密码、哈希算法、安全散列算法等。 OpenSSL 的 TLS、SSH和IPSec协议和其它协议及产品中使用的DES和Triple DES密码算法存在信息泄露漏洞。该漏洞源于网络系统或产品在运行过程中存在配置等错误。未授权的攻击者可利用漏洞获取受影响组件敏感信息。
来源:中国国家信息安全漏洞库 CNNVD
CVSS信息
N/A
来源:中国国家信息安全漏洞库 CNNVD
漏洞类别
信息泄露
来源:中国国家信息安全漏洞库 CNNVD
二、漏洞 CVE-2016-2183 的公开POC
| # | POC 描述 | 源链接 | 神龙链接 |
|---|---|---|---|
| 1 | Simplified Version of Cryptography Attack based on Birthday Paradox: Sweet32 (CVE-2016-2183) | https://github.com/ZakyHermawan/Simple-Sweet32 | POC详情 |
三、漏洞 CVE-2016-2183 的情报信息
- https://www.tenable.com/security/tns-2016-20
- https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05309984
- http://www.oracle.com/technetwork/topics/security/ovmbulletinoct2016-3090547.html
- https://sweet32.info/
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2016-3090545.html
- http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
- https://kc.mcafee.com/corporate/index?page=content&id=SB10186
- https://kc.mcafee.com/corporate/index?page=content&id=SB10171
- https://nakedsecurity.sophos.com/2016/08/25/anatomy-of-a-cryptographic-collision-the-sweet32-attack/
- http://www.splunk.com/view/SP-CAAAPUE
- https://www.oracle.com/security-alerts/cpuoct2021.html
- http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170322-01-openssl-en
- https://www.nccgroup.trust/us/about-us/newsroom-and-events/blog/2016/august/new-practical-attacks-on-64-bit-block-ciphers-3des-blowfish/
- https://kc.mcafee.com/corporate/index?page=content&id=SB10310
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://security.netapp.com/advisory/ntap-20170119-0001/
- http://www.splunk.com/view/SP-CAAAPSV
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369403
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
- https://security.netapp.com/advisory/ntap-20160915-0001/
- https://www.oracle.com/security-alerts/cpujul2020.html
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05369415
- https://www.sigsac.org/ccs/CCS2016/accepted-papers/
- https://bto.bluecoat.com/security-advisory/sa133
- https://www.tenable.com/security/tns-2016-21
- https://kc.mcafee.com/corporate/index?page=content&id=SB10215
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369403
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390849
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40312
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbgn03765en_us
- https://blog.cryptographyengineering.com/2016/08/24/attack-of-week-64-bit-ciphers-in-tls/
- http://www-01.ibm.com/support/docview.wss?uid=swg21995039
- https://www.tenable.com/security/tns-2017-09
- https://nodejs.org/en/blog/vulnerability/september-2016-security-releases/
- https://kc.mcafee.com/corporate/index?page=content&id=SB10197
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
- https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03286178
- https://www.arista.com/en/support/advisories-notices/security-advisories/1749-security-advisory-24
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05323116
- https://www.tenable.com/security/tns-2016-16
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390849
标题: HPSBHF03674 rev.2 - HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information -- 🔗来源链接
标签:
神龙速读:该链接的内容为空,无法处理。
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05390722
- https://www.mitel.com/en-ca/support/security-advisories/mitel-product-security-advisory-17-0008
- http://www-01.ibm.com/support/docview.wss?uid=nas8N1021697
- https://wiki.opendaylight.org/view/Security_Advisories
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759
- https://softwaresupport.softwaregrp.com/document/-/facetsearch/document/KM03158613
- https://www.teskalabs.com/blog/teskalabs-bulletin-160826-seacat-sweet32-issue
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03725en_us
- https://support.f5.com/csp/article/K13167034
- http://www-01.ibm.com/support/docview.wss?uid=swg21991482
- https://www.oracle.com/security-alerts/cpujan2020.html
- https://www.oracle.com/security-alerts/cpuoct2020.html
- https://access.redhat.com/articles/2548661
- https://www.openssl.org/blog/blog/2016/08/24/sweet32/
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
标题: 1369383 – (CVE-2016-2183, SWEET32) CVE-2016-2183 SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) -- 🔗来源链接
标签:
神龙速读:以下是从此网页截图中获取到的关键漏洞信息,以Markdown格式呈现: ```markdown ### 漏洞概述 - **漏洞ID**: Bug 1369383 (CVE-2016-2183, SWEET32) - **漏洞类型**: SSL/TLS: Birthday attack against 64-bit block ciphers (SWEET32) - **报告时间**: 2016-08-23 09:15 UTC - **状态**: CLOSED ERRATA - **优先级**: Medium ### 漏洞描述 > Ciphers with 64-bit block sizes used in CBC mode were found to be vulnerable to birthday attack when key renegotiation doesn't happen frequently or at all in long running connections. 3DES cipher as used in TLS protocol is vulnerable to this attack, that allows remote attacker to recover partial plaintext information (XOR of two plaintext blocks). ### 影响的产品和版本 - Red Hat Enterprise Linux 5 - Red Hat Enterprise Linux 6 - Red Hat Enterprise Linux 7 - Oracle Java for Red Hat Enterprise Linux 5 - Oracle Java for Red Hat Enterprise Linux 6 - Oracle Java for Red Hat Enterprise Linux 7 - Red Hat Satellite 5.6 - Red Hat Satellite 5.7 ### 相关安全更新 - RHSA-2016:1940 - RHSA-2017:0175 - RHSA-2017:0175 ### 修复措施 - **OpenSSL**: - DES cipher suites are being moved from HIGH to MEDIUM in OpenSSL 1.0.1u. - 3DES ciphersuits are being moved from HIGH category to MEDIUM in the 1.0.2 branch, and will be disabled by default in the upcoming 1.1.0 release. - **Java**: - Added the 3DES_EDE_CBC to legacy algorithms (using the jdk.tls.legacyAlgorithms security property) which causes all cipher suites using this encryption algorithm to have low priority and only get used if no other non-legacy cipher suite can be negotiated. - **IBM JDK**: - Disabled all TLS/SSL cipher suites using 3DES by default. ### 外部链接 - https://sweet32.info/ ``` 这些信息总结了漏洞的关键细节,包括漏洞ID、类型、报告时间、状态、优先级、描述、影响的产品和版本、相关安全更新以及修复措施等。
- https://www.oracle.com/security-alerts/cpuapr2020.html
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05369415
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05302448
- http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-c05385680
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05302448
- https://access.redhat.com/security/cve/cve-2016-2183
- https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
- http://packetstormsecurity.com/files/142756/IBM-Informix-Dynamic-Server-DLL-Injection-Code-Execution.html
- https://github.com/ssllabs/ssllabs-scan/issues/387#issuecomment-242514633
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
- https://www.exploit-db.com/exploits/42091/exploit
- http://www.securityfocus.com/bid/95568vdb-entry
- http://www.securityfocus.com/bid/92630vdb-entry
- http://www.securitytracker.com/id/1036696vdb-entry
- http://www.debian.org/security/2016/dsa-3673vendor-advisory
标题: USN-3087-2: OpenSSL regression | Ubuntu security notices | Ubuntu -- 🔗来源链接
标签:vendor-advisory
神龙速读:### 关键信息 #### 漏洞编号 - USN-3087-2 #### 漏洞概述 - **问题描述**: USN-3087-1 引入了 OpenSSL 的回归问题。CVE-2016-2182 的修复不完整,导致在解析证书时出现问题。 - **修复情况**: 本次更新修复了该回归问题。 #### 漏洞细节 - **CVE 编号**: - CVE-2016-6304: OpenSSL 错误处理 OCSP 状态请求扩展,可能导致内存消耗,引发拒绝服务。 - CVE-2016-2177: OpenSSL 在执行指针算术时出现未定义行为,可能导致远程攻击者使 OpenSSL 崩溃,引发拒绝服务。此问题只在 Ubuntu 16.04 LTS 中得到解决。 #### 受影响的版本 - 16.04 LTS xenial: `libssl1.0.0 - 1.0.2g-1ubuntu4.5` - 14.04 LTS trusty: `libssl1.0.0 - 1.0.1f-1ubuntu2.21` - 12.04 precise: `libssl1.0.0 - 1.0.1-4ubuntu5.38` #### 更新说明 - 标准系统更新后需重启计算机以应用所有必要更改。 #### 参考链接 - [Launchpad Bug](https://launchpad.net/bugs/1626883)
标题: USN-3087-1: OpenSSL vulnerabilities | Ubuntu security notices | Ubuntu -- 🔗来源链接
标签:vendor-advisory
神龙速读:### 关键漏洞信息 - **公告编号**: USN-3087-1 - **漏洞描述**: OpenSSL的多个安全问题已修复。 - **发布日期**: 2016年9月22日 - **影响版本**: 16.04 LTS, 14.04 LTS, 12.04 #### 具体漏洞细节 - **CVE-2016-6304**: OpenSSL未能正确处理OCSP状态请求扩展,可能导致远程攻击者造成内存消耗,引发拒绝服务。 - **CVE-2016-2177**: OpenSSL在执行指针运算时使用了未定义的行为,可能导致远程攻击者使OpenSSL崩溃,引发拒绝服务。 - **CVE-2016-2178**: OpenSSL在执行DSA签名时没有正确使用常数时间操作,可能导致远程攻击者执行缓存时序攻击并恢复私钥。 #### 修复方案 - **系统更新**:将系统更新至指定的软件包版本: - **Ubuntu 16.04 LTS**: `libssl1.0.0` 版本为 `1.0.2g-1ubuntu4.4` - **Ubuntu 14.04 LTS**: `libssl1.0.0` 版本为 `1.0.1f-1ubuntu2.20` - **Ubuntu 12.04**: `libssl1.0.0` 版本为 `1.0.1-4ubuntu5.37` #### 相关CVE和公告 - **漏洞编号**: - CVE-2016-6304、CVE-2016-6306、CVE-2016-6303、CVE-2016-6302、CVE-2016-2183、CVE-2016-2182、CVE-2016-2181、CVE-2016-2180、CVE-2016-2179、CVE-2016-2178 - **相关公告**: - USN-3372-1、USN-3270-1、USN-3198-1、USN-3194-1、USN-3181-1、USN-3179-1 #### 建议 - 及时更新系统以防安全风险。 - 考虑使用Ubuntu Pro以获得更长时间的安全支持。
- http://www.ubuntu.com/usn/USN-3270-1vendor-advisory
- http://www.ubuntu.com/usn/USN-3198-1vendor-advisory
- http://www.ubuntu.com/usn/USN-3179-1vendor-advisory
- http://www.ubuntu.com/usn/USN-3194-1vendor-advisory
- http://www.ubuntu.com/usn/USN-3372-1vendor-advisory
- https://access.redhat.com/errata/RHSA-2017:3113vendor-advisory
- http://rhn.redhat.com/errata/RHSA-2017-0462.htmlvendor-advisory
- https://access.redhat.com/errata/RHSA-2017:2708vendor-advisory
- https://access.redhat.com/errata/RHSA-2018:2123vendor-advisory
- https://access.redhat.com/errata/RHSA-2017:2710vendor-advisory
- https://access.redhat.com/errata/RHSA-2019:1245vendor-advisory
- https://access.redhat.com/errata/RHSA-2017:3114vendor-advisory
- http://rhn.redhat.com/errata/RHSA-2017-0338.htmlvendor-advisory
- https://access.redhat.com/errata/RHSA-2019:2859vendor-advisory
- https://access.redhat.com/errata/RHSA-2017:1216vendor-advisory
- http://rhn.redhat.com/errata/RHSA-2017-0337.htmlvendor-advisory
- https://access.redhat.com/errata/RHSA-2017:2709vendor-advisory
标题: OpenSSL: Multiple vulnerabilities (GLSA 201612-16) — Gentoo security -- 🔗来源链接
标签:vendor-advisory
神龙速读:### 漏洞关键信息 - **漏洞名称**: OpenSSL: Multiple vulnerabilities - GLSA 201612-16 - **发布日期**: December 07, 2016 - **最近修订日期**: December 07, 2016: 1 - **严重性**: normal - **可利用性**: local, remote #### 影响的包 - **包名**: dev-libs/openssl - **影响版本**: < 1.0.2j - **不受影响版本**: >= 1.0.2j #### 描述 - 多个漏洞已发现于OpenSSL中。请参考CVE标识符和国际密码研究协会(IACR)的论文《Make Sure DSA Signing Exponentiations Really are Constant-Time》以获取更多细节。 #### 影响 - 远程攻击者可能导致服务拒绝条件或有其他未指定的影响。此外,基于时间的侧信道攻击可能允许本地攻击者恢复私钥DSA。 #### 解决方案 - 所有OpenSSL用户应升级至最新版本: ``` # emerge --sync # emerge --ask --oneshot --verbose ">=dev-libs/openssl-1.0.2j" ``` #### 参考 - [CVE-2016-2105](https://nvd.nist.gov/vuln/detail/CVE-2016-2105) - [CVE-2016-2106](https://nvd.nist.gov/vuln/detail/CVE-2016-2106) ... - [Make Sure DSA Signing Exponentiations Really are Constant-Time](#)
- http://rhn.redhat.com/errata/RHSA-2017-0336.htmlvendor-advisory
- https://security.gentoo.org/glsa/201701-65vendor-advisory
- https://access.redhat.com/errata/RHSA-2020:0451vendor-advisory
- https://security.gentoo.org/glsa/201707-01vendor-advisory
- https://access.redhat.com/errata/RHSA-2017:3240vendor-advisory
- https://access.redhat.com/errata/RHSA-2017:3239vendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00023.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00005.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00024.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00010.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-05/msg00076.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00011.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00012.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-10/msg00011.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00022.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00028.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00013.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-01/msg00068.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00023.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-09/msg00031.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2018-02/msg00032.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00021.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00003.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2017-02/msg00032.htmlvendor-advisory
- http://lists.opensuse.org/opensuse-security-announce/2016-10/msg00029.htmlvendor-advisory
- https://www.ietf.org/mail-archive/web/tls/current/msg04560.htmlmailing-list
- http://seclists.org/fulldisclosure/2017/Jul/31mailing-list
- http://www.securityfocus.com/archive/1/archive/1/542005/100/0/threadedmailing-list
- http://www.securityfocus.com/archive/1/542005/100/0/threadedmailing-list
- http://seclists.org/fulldisclosure/2017/May/105mailing-list
- https://seclists.org/bugtraq/2018/Nov/21mailing-list
- http://www.securityfocus.com/archive/1/540341/100/0/threadedmailing-list
- http://www.securityfocus.com/archive/1/archive/1/540341/100/0/threadedmailing-list
- http://www.securityfocus.com/archive/1/archive/1/540129/100/0/threadedmailing-list
- http://www.securityfocus.com/archive/1/541104/100/0/threadedmailing-list
- http://www.securityfocus.com/archive/1/archive/1/541104/100/0/threadedmailing-list
- http://www.securityfocus.com/archive/1/archive/1/539885/100/0/threadedmailing-list
- http://www.securityfocus.com/archive/1/539885/100/0/threadedmailing-list
- https://nvd.nist.gov/vuln/detail/CVE-2016-2183
四、漏洞 CVE-2016-2183 的评论
暂无评论