添加CVE-2016-0701

2023-05-13 15:23:31 +08:00 · 2023-05-13 15:23:31 +08:00 · e254bd18f3
parent 26ece7795e
commit e254bd18f3
3 changed files with 43 additions and 0 deletions
--- a/cve/openssl/2016/CVE-2016-0701/README.md
+++ b/cve/openssl/2016/CVE-2016-0701/README.md
@ -0,0 +1,2 @@
+## Source
+https://github.com/luanjampa/cve-2016-0701
--- a/cve/openssl/2016/CVE-2016-0701/openssl.py
+++ b/cve/openssl/2016/CVE-2016-0701/openssl.py
@ -0,0 +1,19 @@
+#!/usr/bin/python3
+# -*- coding: utf-8 -*-
+__author__ = "Luan Souza"
+__credits__ = ["Antonio Costa aka Cooler_"]
+#
+#
+# CHECK CVE-2016-0701
+#
+#
+from subprocess import check_output
+import re
+
+listaVuln = ['1.0.2e','1.0.2d', '1.0.2c','1.0.2b','1.0.2a','1.0.2']
+versao = (check_output(['pkg-config','--print-provides','openssl']).decode("utf-8").strip()).split()
+
+if versao[2] in listaVuln:
+    print('Your version is:{0}, and is present in the list of affected versions \n Read more:https://openssl.org/news/secadv/20160128.txt'.format(versao[2]))
+else:
+    print('Your version is:{0}, looks you are safe'.format(versao[2]))
--- a/cve/openssl/2016/yaml/CVE-2016-0701.yaml
+++ b/cve/openssl/2016/yaml/CVE-2016-0701.yaml
@ -0,0 +1,22 @@
+id: CVE-2016-0701
+source:
+	https://github.com/luanjampa/cve-2016-0701
+info:
+	name: OpenSSL是Openssl团队的一个开源的能够实现安全套接层（SSLv2/v3）和安全传输层
+（TLSv1）协议的通用加密库。该产品支持多种加密算法，包括对称密码、哈希算法、安全散列算法等。
+	severity: Low
+	description: |
+		OpenSSL 1.0.2 版本中的 crypto/dh/dh_check.c 文件中的 DH_check_pub_key 函数没有确保质数适合用于 Diffie-Hellman (DH) 密钥交换，这使得远程攻击者更容易通过与选择不合适的数字的对等方进行多次握手来发现私有 DH 指数，如在 X9.42 文件中展示的数字。
+	scope-of-influence:
+		OpenSSL 1.0.2
+	reference:
+		- https://github.com/chnzzh/OpenSSL-CVE-lib/blob/main/CVE-2016-0701
+		- https://www.kb.cert.org/vuls/id/257823
+	classification:
+		cvss-metrics: CVSS:3.1/AV:N/AC:M/Au:N/C:C/I:C/A:N
+		cvss-score: 8.8
+		cve-id: CVE-2016-0701
+		cwe-id: CWE-325
+    cnvd-id: None
+    kve-id: None
+  tags: CVE-2016