CalvinBackup/CVEs-PoC
1
0
Fork 0
mirror of https://github.com/0xMarcio/cve.git synced 2026-05-25 00:14:09 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
c8d0b27a95da01ac2a8d3d5e884ef1c77259d7be
CVEs-PoC/2016/CVE-2016-0800.md
T
0xMarcio cb00e1339f Update CVE list 2025-09-29 21:09
2025-09-29 21:09:30 +02:00

99 lines
5.1 KiB
Markdown
Raw Blame History

### [CVE-2016-0800](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0800)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brightgreen)
### Description
The SSLv2 protocol, as used in OpenSSL before 1.0.1s and 1.0.2 before 1.0.2g and other products, requires a server to send a ServerVerify message before establishing that a client possesses certain plaintext RSA data, which makes it easier for remote attackers to decrypt TLS ciphertext data by leveraging a Bleichenbacher RSA padding oracle, aka a "DROWN" attack.
### POC
#### Reference
- http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
- http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
- http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.securityfocus.com/bid/91787
- https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05068681
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05086877
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05096953
- https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05143554
- https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168
- https://kc.mcafee.com/corporate/index?page=content&id=SB10154
- https://www.kb.cert.org/vuls/id/583776
#### Github
- https://github.com/1N3/MassBleed
- https://github.com/84KaliPleXon3/a2sv
- https://github.com/AKApul/03-sysadmin-09-security
- https://github.com/ARPSyndicate/cvemon
- https://github.com/Artem-Salnikov/devops-netology
- https://github.com/Artem-Tvr/sysadmin-09-security
- https://github.com/F4RM0X/script_a2sv
- https://github.com/H4CK3RT3CH/a2sv
- https://github.com/Janith-Sandamal/Metasploitable2
- https://github.com/Justic-D/Dev_net_home_1
- https://github.com/Kapotov/3.9.1
- https://github.com/Live-Hack-CVE/CVE-2016-0704
- https://github.com/MARNISAISATVIKA/SURE-Trust-Network-Penetration-Testing
- https://github.com/MrE-Fog/a2sv
- https://github.com/Mre11i0t/a2sv
- https://github.com/Nissiuser/Vulnerability-Scan-Report
- https://github.com/Officerwasu/Elevate-Labs-Task-3
- https://github.com/PS-RANASINGHE/Crypto-Ex---7
- https://github.com/RClueX/Hackerone-Reports
- https://github.com/RedHatSatellite/satellite-host-cve
- https://github.com/Ruzi79/CyberSecurityLab4
- https://github.com/Samaritin/OSINT
- https://github.com/TheRipperJhon/a2sv
- https://github.com/Tim---/drown
- https://github.com/Vainoord/devops-netology
- https://github.com/Valdem88/dev-17_ib-yakovlev_vs
- https://github.com/Vanessapan001/pentest-2-Initial-Access-and-Internal-Recon
- https://github.com/Vladislav-Pugachev/netology-DevOps-dz_-14
- https://github.com/WiktorMysz/devops-netology
- https://github.com/aaronamran/Vulnerability-Scanning-Lab-with-OpenVAS-and-Metasploitable2
- https://github.com/alexandrburyakov/Rep2
- https://github.com/alexgro1982/devops-netology
- https://github.com/alexoslabs/HTTPSScan
- https://github.com/anthophilee/A2SV--SSL-VUL-Scan
- https://github.com/asastillero/vuln-management-workflow
- https://github.com/bysart/devops-netology
- https://github.com/chnzzh/OpenSSL-CVE-lib
- https://github.com/clic-kbait/A2SV--SSL-VUL-Scan
- https://github.com/clino-mania/A2SV--SSL-VUL-Scan
- https://github.com/coldorb0/SSL-Scanner
- https://github.com/dmitrii1312/03-sysadmin-09
- https://github.com/fireorb/SSL-Scanner
- https://github.com/fireorb/sslscanner
- https://github.com/geon071/netolofy_12
- https://github.com/giterlizzi/secdb-feeds
- https://github.com/hahwul/a2sv
- https://github.com/halencarjunior/HTTPSScan-PYTHON
- https://github.com/halon/changelog
- https://github.com/hero2zero/burp-ssl-scanner-plus-plus
- https://github.com/ilya-starchikov/devops-netology
- https://github.com/imhunterand/hackerone-publicy-disclosed
- https://github.com/kernelfucker/sslv
- https://github.com/koorchik/dissert
- https://github.com/koorchik/llm-analysis-of-text-data
- https://github.com/lithekevin/Threat-TLS
- https://github.com/nikolay480/devops-netology
- https://github.com/notnarb/docker-murmur
- https://github.com/odolezal/D-Link-DIR-655
- https://github.com/pankajkryadav/Hacktivity
- https://github.com/pashicop/3.9_1
- https://github.com/r3p3r/1N3-MassBleed
- https://github.com/saulandresv/TESTSOCRAT
- https://github.com/stanmay77/security
- https://github.com/vitaliivakhr/NETOLOGY
- https://github.com/waseemasmaeel/A2sv_Tools
- https://github.com/yellownine/netology-DevOps
Reference in New Issue View Git Blame Copy Permalink