CVE-2016-0777
Summary
| CVE | CVE-2016-0777 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2016-01-14 22:59:00 UTC |
| Updated | 2022-12-13 12:15:00 UTC |
| Description | The resend_bytes function in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2 allows remote servers to obtain sensitive information from process memory by requesting transmission of an entire buffer, as demonstrated by reading a private key. |
Risk And Classification
Problem Types: CWE-200
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Apple | Mac Os X | All | All | All | All |
| Application | Hp | Remote Device Access Virtual Customer Access System | All | All | All | All |
| Application | Openbsd | Openssh | 5.0 | All | All | All |
| Application | Openbsd | Openssh | 5.0 | p1 | All | All |
| Application | Openbsd | Openssh | 5.1 | All | All | All |
| Application | Openbsd | Openssh | 5.1 | p1 | All | All |
| Application | Openbsd | Openssh | 5.2 | All | All | All |
| Application | Openbsd | Openssh | 5.2 | p1 | All | All |
| Application | Openbsd | Openssh | 5.3 | All | All | All |
| Application | Openbsd | Openssh | 5.3 | p1 | All | All |
| Application | Openbsd | Openssh | 5.4 | All | All | All |
| Application | Openbsd | Openssh | 5.4 | p1 | All | All |
| Application | Openbsd | Openssh | 5.5 | All | All | All |
| Application | Openbsd | Openssh | 5.5 | p1 | All | All |
| Application | Openbsd | Openssh | 5.6 | All | All | All |
| Application | Openbsd | Openssh | 5.6 | p1 | All | All |
| Application | Openbsd | Openssh | 5.7 | All | All | All |
| Application | Openbsd | Openssh | 5.7 | p1 | All | All |
| Application | Openbsd | Openssh | 5.8 | All | All | All |
| Application | Openbsd | Openssh | 5.8 | p1 | All | All |
| Application | Openbsd | Openssh | 5.9 | All | All | All |
| Application | Openbsd | Openssh | 5.9 | p1 | All | All |
| Application | Openbsd | Openssh | 6.0 | All | All | All |
| Application | Openbsd | Openssh | 6.0 | p1 | All | All |
| Application | Openbsd | Openssh | 6.1 | All | All | All |
| Application | Openbsd | Openssh | 6.1 | p1 | All | All |
| Application | Openbsd | Openssh | 6.2 | All | All | All |
| Application | Openbsd | Openssh | 6.2 | p1 | All | All |
| Application | Openbsd | Openssh | 6.2 | p2 | All | All |
| Application | Openbsd | Openssh | 6.3 | All | All | All |
| Application | Openbsd | Openssh | 6.3 | p1 | All | All |
| Application | Openbsd | Openssh | 6.4 | All | All | All |
| Application | Openbsd | Openssh | 6.4 | p1 | All | All |
| Application | Openbsd | Openssh | 6.5 | All | All | All |
| Application | Openbsd | Openssh | 6.5 | p1 | All | All |
| Application | Openbsd | Openssh | 6.6 | All | All | All |
| Application | Openbsd | Openssh | 6.6 | p1 | All | All |
| Application | Openbsd | Openssh | 6.7 | All | All | All |
| Application | Openbsd | Openssh | 6.7 | p1 | All | All |
| Application | Openbsd | Openssh | 6.8 | All | All | All |
| Application | Openbsd | Openssh | 6.8 | p1 | All | All |
| Application | Openbsd | Openssh | 6.9 | All | All | All |
| Application | Openbsd | Openssh | 6.9 | p1 | All | All |
| Application | Openbsd | Openssh | 7.0 | All | All | All |
| Application | Openbsd | Openssh | 7.0 | p1 | All | All |
| Application | Openbsd | Openssh | 7.1 | All | All | All |
| Application | Openbsd | Openssh | 7.1 | p1 | All | All |
| Operating System | Oracle | Linux | 7 | All | All | All |
| Operating System | Oracle | Solaris | 11.3 | All | All | All |
| Hardware | Sophos | Unified Threat Management | 110 | All | All | All |
| Hardware | Sophos | Unified Threat Management | 120 | All | All | All |
| Hardware | Sophos | Unified Threat Management | 220 | All | All | All |
| Hardware | Sophos | Unified Threat Management | 320 | All | All | All |
| Hardware | Sophos | Unified Threat Management | 425 | All | All | All |
| Hardware | Sophos | Unified Threat Management | 525 | All | All | All |
| Hardware | Sophos | Unified Threat Management | 625 | All | All | All |
| Application | Sophos | Unified Threat Management Software | 9.318 | All | All | All |
| Application | Sophos | Unified Threat Management Software | 9.353 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| UTM Up2Date 9.354 released \| Sophos Blog | CONFIRM | blogs.sophos.com | Third Party Advisory |
| APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002 | APPLE | lists.apple.com | Mailing List, Third Party Advisory |
| Document Display \| HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| FreeBSD-SA-16:07 | FREEBSD | security.FreeBSD.org | Third Party Advisory |
| oss-security - Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 | MLIST | www.openwall.com | Mailing List, Third Party Advisory |
| 2016-04 Security Bulletin: Junos: OpenSSH Client Information Leak and Buffer Overflow in roaming support (CVE-2016-0777, CVE-2016-0778) - Juniper Networks | CONFIRM | kb.juniper.net | Third Party Advisory |
| [security-announce] SUSE-SU-2016:0118-1: critical: Security update for o | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| Broadcom Support Portal | CONFIRM | bto.bluecoat.com | Third Party Advisory |
| UTM Up2Date 9.319 released \| Sophos Blog | CONFIRM | blogs.sophos.com | Third Party Advisory |
| [security-announce] SUSE-SU-2016:0120-1: critical: Security update for o | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| [security-announce] openSUSE-SU-2016:0128-1: critical: Security update f | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| Document Display \| HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| [security-announce] openSUSE-SU-2016:0127-1: critical: Security update f | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| Oracle Solaris Third Party Bulletin - October 2015 | CONFIRM | www.oracle.com | Third Party Advisory |
| USN-2869-1: OpenSSH vulnerabilities \| Ubuntu | UBUNTU | www.ubuntu.com | Third Party Advisory |
| OpenSSH CVE-2016-0777 Information Disclosure Vulnerability | BID | www.securityfocus.com | Third Party Advisory, VDB Entry |
| www.openssh.com/txt/release-7.1p2 | CONFIRM | www.openssh.com | Vendor Advisory |
| OpenSSH Flaws Let Remote Authenticated Users Obtain Potentially Sensitive Information From Client Memory - SecurityTracker | SECTRACK | www.securitytracker.com | Third Party Advisory, VDB Entry |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | Third Party Advisory, VDB Entry |
| Full Disclosure: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 | FULLDISC | seclists.org | Mailing List, Third Party Advisory |
| Document Display \| HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| [SECURITY] Fedora 22 Update: gsi-openssh-6.9p1-7.fc22 | FEDORA | lists.fedoraproject.org | Mailing List, Third Party Advisory |
| cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf | CONFIRM | cert-portal.siemens.com | |
| [SECURITY] Fedora 22 Update: openssh-6.9p1-10.fc22 | FEDORA | lists.fedoraproject.org | Mailing List, Third Party Advisory |
| Oracle Linux Bulletin - January 2016 | CONFIRM | www.oracle.com | Third Party Advisory |
| Document Display \| HPE Support Center | CONFIRM | h20566.www2.hpe.com | Third Party Advisory |
| Debian -- Security Information -- DSA-3446-1 openssh | DEBIAN | www.debian.org | Third Party Advisory |
| Qualys Security Advisory - OpenSSH Overflow / Leak ≈ Packet Storm | MISC | packetstormsecurity.com | Third Party Advisory, VDB Entry |
| [security-announce] SUSE-SU-2016:0119-1: critical: Security update for o | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| [SECURITY] Fedora 23 Update: gsi-openssh-7.1p2-1.fc23 | FEDORA | lists.fedoraproject.org | Mailing List, Third Party Advisory |
| [security-announce] SUSE-SU-2016:0117-1: critical: Security update for o | SUSE | lists.opensuse.org | Mailing List, Third Party Advisory |
| About the security content of OS X El Capitan v10.11.4 and Security Update 2016-002 - Apple Support | CONFIRM | support.apple.com | Third Party Advisory |
| [SECURITY] Fedora 23 Update: openssh-7.1p2-1.fc23 | FEDORA | lists.fedoraproject.org | Mailing List, Third Party Advisory |
| OpenSSH: Multiple vulnerabilities (GLSA 201601-01) — Gentoo Security | GENTOO | security.gentoo.org | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.