OpenSSL CVE-2016-2181 Numeric Errors Vulnerability

Description

Severity: Low

A flaw in the DTLS replay attack protection mechanism means that records that arrive for future epochs update the replay protection "window" before the MAC for the record has been validated. This could be exploited by an attacker by sending a record for the next epoch (which does not have to decrypt or have a valid MAC), with a very large sequence number. This means that all subsequent legitimate packets are dropped, causing a denial of service for a specific DTLS connection.

OpenSSL 1.0.2 DTLS users should upgrade to 1.0.2i.

OpenSSL 1.0.1 DTLS users should upgrade to 1.0.1u.

This issue was reported to OpenSSL on 21st November 2015 by the OCAP audit team. The fix was developed by Matt Caswell of the OpenSSL development team.
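The ordering problem described above, shown on a simplified single-window model. This is an added example, not OpenSSL's code: the `replay_window` type, the function names, the 64-entry window and the `mac_ok` flag (standing in for MAC verification) are all assumptions made for illustration, and epoch handling is left out.

```c
#include <stdbool.h>
#include <stdint.h>

/* Constructed model of a 64-entry sliding anti-replay window.
 * Bit i of map records whether sequence number (max_seq - i) was seen. */
typedef struct { uint64_t max_seq; uint64_t map; } replay_window;

/* True if seq is acceptable: ahead of the window, or inside it and unseen. */
static bool replay_check(const replay_window *w, uint64_t seq) {
    if (seq > w->max_seq) return true;
    uint64_t off = w->max_seq - seq;
    if (off >= 64) return false;              /* older than the window: drop */
    return (w->map & (1ULL << off)) == 0;
}

/* Mark seq as seen, sliding the window forward when seq is ahead of it. */
static void replay_update(replay_window *w, uint64_t seq) {
    if (seq > w->max_seq) {
        uint64_t shift = seq - w->max_seq;
        w->map = (shift >= 64 ? 0 : w->map << shift) | 1ULL;
        w->max_seq = seq;
    } else {
        w->map |= 1ULL << (w->max_seq - seq);
    }
}

/* update_before_mac = true models the flawed ordering (window moved by
 * unauthenticated data); false models the corrected ordering.
 * Returns true if the record is accepted. */
bool process_record(replay_window *w, uint64_t seq, bool mac_ok,
                    bool update_before_mac) {
    if (!replay_check(w, seq)) return false;
    if (update_before_mac) replay_update(w, seq);
    if (!mac_ok) return false;                /* unauthenticated record dropped */
    if (!update_before_mac) replay_update(w, seq);
    return true;
}

/* Constructed scenario: records 1..3 are accepted, then one record with an
 * invalid MAC and the largest 48-bit sequence number arrives, then the
 * legitimate record 4. Returns whether record 4 is still accepted. */
bool legit_survives(bool update_before_mac) {
    replay_window w = {0, 0};
    for (uint64_t s = 1; s <= 3; s++)
        process_record(&w, s, true, update_before_mac);
    process_record(&w, 0xFFFFFFFFFFFFULL, false, update_before_mac);
    return process_record(&w, 4, true, update_before_mac);
}

int main(void) { return (legit_survives(false) && !legit_survives(true)) ? 0 : 1; }
```

With the window update moved after MAC validation, the forged record leaves the window state untouched and genuine replays are still rejected.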

Affected Applications

OpenSSL

CVE References

CVE-2016-2181