漏洞类别:Cisco
漏洞等级: 
漏洞信息
OpenSSL Software Foundation released 16 OpenSSL vulnerabilities:
Fourteen track issues that could result in a denial of service (DoS) condition
One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transport Layer Security (TLS) block ciphers that use a 64-bit block size that could result in loss of confidentiality
One (CVE-2016-2178) is a timing side-channel attack that, in specific circumstances, could allow an attacker to derive the private DSA key that belongs to another user or service running on the same system
漏洞危害
Successful exploitation allows attacker to compromise the system.
解决方案
Refer to Cisco advisory cisco-sa-20160927-openssl for updates and patch information.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
0day
文章评论