TLS Padding Oracle in MatrixSSL
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 1 |
| CVE-ID | CVE-2016-6883 |
| CWE-ID | CWE-310 |
| Exploitation vector | Local network |
| Public exploit | N/A |
| Vulnerable software Subscribe |
MatrixSSL Server applications / Server solutions for antivurus protection |
| Vendor |
Security Bulletin
This security bulletin contains one medium risk vulnerability.
1) TLS Padding Oracle
EUVDB-ID: #VU84951
Risk: Medium
CVSSv3.1: 5.3 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2016-6883
CWE-ID:
CWE-310 - Cryptographic Issues
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to decrypt TLS traffic.
The vulnerability exists due to an error in TLS implementation. A remote attacker with ability to establish a large number of TLS connections with the target server can conduct an adaptive-chosen ciphertext attack against RSA cipher and gain access to sensitive information.
The attack is known as "ROBOT" (Return Of Bleichenbacher's Oracle Threat).
MitigationInstall update from vendor's website.
Vulnerable software versionsMatrixSSL: before 3.8.3
External linkshttp://www.openwall.com/lists/oss-security/2016/08/19/8
http://github.com/matrixssl/matrixssl/blob/master/CHANGES.md
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
