CVE-2016-2194

Published on: 05/13/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:14 PM UTC

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Certain versions of Botan from Botan Project contain the following vulnerability:

The ressol function in Botan before 1.10.11 and 1.11.x before 1.11.27 allows remote attackers to cause a denial of service (infinite loop) via unspecified input to the OS2ECP function, related to a composite modulus.

  • CVE-2016-2194 has been assigned by [email protected] to track the vulnerability - currently rated as HIGH severity.

CVSS3 Score: 7.5 - HIGH

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW NONE NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE NONE HIGH

CVSS2 Score: 5 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW NONE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE NONE PARTIAL

CVE References

Description Tags Link
Debian -- Security Information -- DSA-3565-1 botan1.10 www.debian.org
Depreciated Link
text/html
URL Logo DEBIAN DSA-3565
'[botan-devel] Botan 1.10.12 released' - MARC Vendor Advisory
marc.info
text/html
URL Logo MLIST [botan-devel] 20160203 Botan 1.10.12 released
Security — Botan Vendor Advisory
botan.randombit.net
text/html
URL Logo CONFIRM botan.randombit.net/security.html
'[botan-devel] Botan 1.11.28 and 1.10.11 released with security fixes' - MARC Vendor Advisory
marc.info
text/html
URL Logo MLIST [botan-devel] 20160201 Botan 1.11.28 and 1.10.11 released with security fixes
Botan: Multiple vulnerabilities (GLSA 201612-38) — Gentoo security security.gentoo.org
text/html
URL Logo GENTOO GLSA-201612-38

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationBotan ProjectBotan1.11.0AllAllAll
ApplicationBotan ProjectBotan1.11.1AllAllAll
ApplicationBotan ProjectBotan1.11.10AllAllAll
ApplicationBotan ProjectBotan1.11.11AllAllAll
ApplicationBotan ProjectBotan1.11.12AllAllAll
ApplicationBotan ProjectBotan1.11.13AllAllAll
ApplicationBotan ProjectBotan1.11.14AllAllAll
ApplicationBotan ProjectBotan1.11.15AllAllAll
ApplicationBotan ProjectBotan1.11.16AllAllAll
ApplicationBotan ProjectBotan1.11.17AllAllAll
ApplicationBotan ProjectBotan1.11.18AllAllAll
ApplicationBotan ProjectBotan1.11.19AllAllAll
ApplicationBotan ProjectBotan1.11.2AllAllAll
ApplicationBotan ProjectBotan1.11.20AllAllAll
ApplicationBotan ProjectBotan1.11.21AllAllAll
ApplicationBotan ProjectBotan1.11.22AllAllAll
ApplicationBotan ProjectBotan1.11.23AllAllAll
ApplicationBotan ProjectBotan1.11.24AllAllAll
ApplicationBotan ProjectBotan1.11.25AllAllAll
ApplicationBotan ProjectBotan1.11.26AllAllAll
ApplicationBotan ProjectBotan1.11.3AllAllAll
ApplicationBotan ProjectBotan1.11.4AllAllAll
ApplicationBotan ProjectBotan1.11.5AllAllAll
ApplicationBotan ProjectBotan1.11.6AllAllAll
ApplicationBotan ProjectBotan1.11.7AllAllAll
ApplicationBotan ProjectBotan1.11.8AllAllAll
ApplicationBotan ProjectBotan1.11.9AllAllAll
ApplicationBotan ProjectBotan1.11.0AllAllAll
ApplicationBotan ProjectBotan1.11.1AllAllAll
ApplicationBotan ProjectBotan1.11.10AllAllAll
ApplicationBotan ProjectBotan1.11.11AllAllAll
ApplicationBotan ProjectBotan1.11.12AllAllAll
ApplicationBotan ProjectBotan1.11.13AllAllAll
ApplicationBotan ProjectBotan1.11.14AllAllAll
ApplicationBotan ProjectBotan1.11.15AllAllAll
ApplicationBotan ProjectBotan1.11.16AllAllAll
ApplicationBotan ProjectBotan1.11.17AllAllAll
ApplicationBotan ProjectBotan1.11.18AllAllAll
ApplicationBotan ProjectBotan1.11.19AllAllAll
ApplicationBotan ProjectBotan1.11.2AllAllAll
ApplicationBotan ProjectBotan1.11.20AllAllAll
ApplicationBotan ProjectBotan1.11.21AllAllAll
ApplicationBotan ProjectBotan1.11.22AllAllAll
ApplicationBotan ProjectBotan1.11.23AllAllAll
ApplicationBotan ProjectBotan1.11.24AllAllAll
ApplicationBotan ProjectBotan1.11.25AllAllAll
ApplicationBotan ProjectBotan1.11.26AllAllAll
ApplicationBotan ProjectBotan1.11.3AllAllAll
ApplicationBotan ProjectBotan1.11.4AllAllAll
ApplicationBotan ProjectBotan1.11.5AllAllAll
ApplicationBotan ProjectBotan1.11.6AllAllAll
ApplicationBotan ProjectBotan1.11.7AllAllAll
ApplicationBotan ProjectBotan1.11.8AllAllAll
ApplicationBotan ProjectBotan1.11.9AllAllAll
ApplicationBotan ProjectBotanAllAllAllAll
Operating
System
DebianDebian Linux8.0AllAllAll
Operating
System
DebianDebian Linux8.0AllAllAll
  • cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.0:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.1:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.10:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.11:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.12:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.13:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.14:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.15:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.16:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.17:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.18:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.19:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.2:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.20:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.21:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.22:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.23:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.24:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.25:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.26:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.3:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.4:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.5:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.6:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.7:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.8:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:1.11.9:*:*:*:*:*:*:*:
  • cpe:2.3:a:botan_project:botan:*:*:*:*:*:*:*:*:
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*:
  • cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*: