Vulnerability Details : CVE-2016-5285
A Null pointer dereference vulnerability exists in Mozilla Network Security Services due to a missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime, which could let a remote malicious user cause a Denial of Service.
Vulnerability category: Memory CorruptionDenial of service
Products affected by CVE-2016-5285
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
- cpe:2.3:a:mozilla:nss:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:message_networking:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp10.1:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp11.1:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.1:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.2:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.3:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp12.5:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp5:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_server_5300:3.0:sp7:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:8.1:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp10:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp11:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp12:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp3:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp4:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp5:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp6:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp7:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp8:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:9.1:sp9:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:10.0:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:10.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:10.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:10.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:10.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:10.0:sp5:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:10.0:sp6:*:*:*:*:*:*
- cpe:2.3:a:avaya:ip_office:10.0:sp7:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_conferencing:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_conferencing:7.2:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_conferencing:8.0:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_conferencing:8.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_conferencing:8.0:sp4:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_conferencing:8.0:sp5:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_conferencing:8.0:sp7:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_conferencing:8.0:sp8:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_conferencing:8.0:sp9:*:*:*:*:*:*
- Avaya » Aura Communication ManagerVersions from including (>=) 6.0 and up to, including, (<=) 6.3.117.0cpe:2.3:a:avaya:aura_communication_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_communication_manager:7.0:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_communication_manager:7.0:sp:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_communication_manager:7.0:sp3:*:*:*:*:*:*
- cpe:2.3:a:avaya:meeting_exchange:6.2:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:meeting_exchange:6.2:sp3:*:*:*:*:*:*
- cpe:2.3:a:avaya:proactive_contact:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_session_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_session_manager:7.0:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_session_manager:7.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_session_manager:7.0:sp2:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_session_manager:7.0.1:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp1:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_session_manager:7.0.1:sp2:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_system_manager:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:iq:5.2.x:*:*:*:*:*:*:*
- cpe:2.3:o:avaya:cs1000e_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:o:avaya:cs1000m_firmware:*:*:*:*:*:*:*:*
- Avaya » Cs1000e/cs1000m Signaling Server FirmwareVersions from including (>=) 7.0 and up to, including, (<=) 7.6cpe:2.3:o:avaya:cs1000e\/cs1000m_signaling_server_firmware:*:*:*:*:*:*:*:*
- Avaya » Session Border Controller For Enterprise FirmwareVersions from including (>=) 7.0 and up to, including, (<=) 7.1cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*
- Avaya » Session Border Controller For Enterprise FirmwareVersions from including (>=) 6.2 and up to, including, (<=) 6.3cpe:2.3:o:avaya:session_border_controller_for_enterprise_firmware:*:*:*:*:*:*:*:*
- Avaya » Aura System Platform FirmwareVersions from including (>=) 6.3 and up to, including, (<=) 6.4.0cpe:2.3:o:avaya:aura_system_platform_firmware:*:*:*:*:*:*:*:*
- Avaya » Aura Application Enablement ServicesVersions from including (>=) 6.1 and up to, including, (<=) 6.3.3cpe:2.3:a:avaya:aura_application_enablement_services:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_application_enablement_services:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_communication_manager_messagint:7.0:sp1:*:*:*:*:*:*
- cpe:2.3:a:avaya:breeze_platform:*:*:*:*:*:*:*:*
- Avaya » Call Management SystemVersions from including (>=) 18.0.0.1 and up to, including, (<=) 18.0.0.2cpe:2.3:a:avaya:call_management_system:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:call_management_system:17.0:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:call_management_system:17.0:r3:*:*:*:*:*:*
- cpe:2.3:a:avaya:call_management_system:17.0:r4:*:*:*:*:*:*
- cpe:2.3:a:avaya:call_management_system:17.0:r5:*:*:*:*:*:*
- cpe:2.3:a:avaya:call_management_system:17.0:r6:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_experience_portal:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_messaging:6.3:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_messaging:6.3.3:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_messaging:6.3.3:sp4:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_messaging:6.3.3:sp5:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_messaging:6.3.3:sp6:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:aura_utility_services:*:*:*:*:*:*:*:*
- cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:-:*:*:*:*:*:*
- cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp1:*:*:*:*:*:*
- cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp2:*:*:*:*:*:*
- cpe:2.3:a:avaya:one-x_client_enablement_services:6.2:sp5:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-5285
2.30%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 90 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-5285
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:N/I:N/A:P |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2016-5285
-
The product dereferences a pointer that it expects to be valid but is NULL.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-5285
-
http://rhn.redhat.com/errata/RHSA-2016-2779.html
RHSA-2016:2779 - Security Advisory - Red Hat Customer Portal
-
http://www.ubuntu.com/usn/USN-3163-1
USN-3163-1: NSS vulnerabilities | Ubuntu security notices
-
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00049.html
[security-announce] SUSE-SU-2016:3105-1: important: Security update forMailing List;Third Party Advisory
-
https://bto.bluecoat.com/security-advisory/sa137
SA137 : NSS Vulnerabilities
-
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00037.html
[security-announce] SUSE-SU-2016:3080-1: important: Security update for
-
http://www.securityfocus.com/bid/94349
Mozilla Network Security Services CVE-2016-5285 Denial of Service Vulnerability
-
https://security.gentoo.org/glsa/201701-46
Mozilla Network Security Service (NSS): Multiple vulnerabilities (GLSA 201701-46) — Gentoo security
-
http://lists.opensuse.org/opensuse-security-announce/2016-12/msg00011.html
[security-announce] SUSE-SU-2016:3014-1: important: Security update for
-
https://bugzilla.mozilla.org/show_bug.cgi?id=1306103
1306103 - (CVE-2016-5285) Missing NULL check in PK11_SignWithSymKey / ssl3_ComputeRecordMACConstantTime causes server crash
Jump to