VulnerableCode Vulnerability Details

System	Score	Found at
generic_textual	Medium	http://article.gmane.org/gmane.comp.security.oss.general/18580
generic_textual	MODERATE	http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
generic_textual	Medium	http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0778.html
rhas	Moderate	https://access.redhat.com/errata/RHSA-2016:0043
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00263	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00505	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00505	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00505	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.00505	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01175	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.0127	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.0127	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.0127	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.0127	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.0127	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.0127	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01314	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01458	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01458	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01458	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01458	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.01458	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.02434	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.02434	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.02434	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.02434	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.02434	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.02434	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.02434	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.02434	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.02434	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
epss	0.03835	https://api.first.org/data/v1/epss?cve=CVE-2016-0778
rhbs	low	https://bugzilla.redhat.com/show_bug.cgi?id=1298033
generic_textual	High	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
generic_textual	Medium	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
cvssv3.1	9.8	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
generic_textual	CRITICAL	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
cvssv3.1	8.1	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
generic_textual	HIGH	https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
cvssv2	4.6	https://nvd.nist.gov/vuln/detail/CVE-2016-0778
cvssv3	8.1	https://nvd.nist.gov/vuln/detail/CVE-2016-0778
generic_textual	HIGH	https://support.apple.com/HT206167
generic_textual	Medium	https://ubuntu.com/security/notices/USN-2869-1
generic_textual	Medium	https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/OpenSSHClientRoaming
cvssv3.1	7.5	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
generic_textual	MODERATE	http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
generic_textual	Low	http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
generic_textual	Medium	http://www.undeadly.org/cgi?action=article&sid=20160114142733

System

Score

Found at

generic_textual

Medium

http://article.gmane.org/gmane.comp.security.oss.general/18580

generic_textual

MODERATE

http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html

generic_textual

Medium

http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0778.html

rhas

Moderate

https://access.redhat.com/errata/RHSA-2016:0043

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00263

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00505

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00505

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00505

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.00505

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01175

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.0127

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.0127

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.0127

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.0127

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.0127

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.0127

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01314

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01458

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01458

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01458

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01458

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.01458

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.02434

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.02434

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.02434

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.02434

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.02434

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.02434

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.02434

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.02434

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.02434

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

epss

0.03835

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

rhbs

low

https://bugzilla.redhat.com/show_bug.cgi?id=1298033

generic_textual

High

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777

generic_textual

Medium

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778

cvssv3.1

9.8

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680

generic_textual

CRITICAL

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680

cvssv3.1

8.1

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

generic_textual

HIGH

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

cvssv2

4.6

https://nvd.nist.gov/vuln/detail/CVE-2016-0778

cvssv3

8.1

https://nvd.nist.gov/vuln/detail/CVE-2016-0778

generic_textual

HIGH

https://support.apple.com/HT206167

generic_textual

Medium

https://ubuntu.com/security/notices/USN-2869-1

generic_textual

Medium

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/OpenSSHClientRoaming

cvssv3.1

7.5

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

generic_textual

MODERATE

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

generic_textual

Low

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

generic_textual

Medium

http://www.undeadly.org/cgi?action=article&sid=20160114142733

Reference id	Reference type	URL
		http://article.gmane.org/gmane.comp.security.oss.general/18580
		http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734
		http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html
		http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html
		http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html
		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html
		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html
		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html
		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html
		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html
		http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html
		http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html
		http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0778.html
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json
		https://api.first.org/data/v1/epss?cve=CVE-2016-0778
		https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/
		https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/
		https://bto.bluecoat.com/security-advisory/sa109
		https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778
		http://seclists.org/fulldisclosure/2016/Jan/44
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680
		https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722
		https://security.gentoo.org/glsa/201601-01
		https://support.apple.com/HT206167
		https://ubuntu.com/security/notices/USN-2869-1
		https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/OpenSSHClientRoaming
		http://www.debian.org/security/2016/dsa-3446
		http://www.openssh.com/txt/release-7.1p2
		http://www.openwall.com/lists/oss-security/2016/01/14/7
		http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
		http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html
		http://www.securityfocus.com/archive/1/537295/100/0/threaded
		http://www.securityfocus.com/bid/80698
		http://www.securitytracker.com/id/1034671
		http://www.ubuntu.com/usn/USN-2869-1
		http://www.undeadly.org/cgi?action=article&sid=20160114142733
1298033		https://bugzilla.redhat.com/show_bug.cgi?id=1298033
cpe:2.3:a:openbsd:openssh:5.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:::::::*
cpe:2.3:a:openbsd:openssh:5.4:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:p1::::::
cpe:2.3:a:openbsd:openssh:5.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:::::::*
cpe:2.3:a:openbsd:openssh:5.5:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:p1::::::
cpe:2.3:a:openbsd:openssh:5.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:::::::*
cpe:2.3:a:openbsd:openssh:5.6:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:p1::::::
cpe:2.3:a:openbsd:openssh:5.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:::::::*
cpe:2.3:a:openbsd:openssh:5.7:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:p1::::::
cpe:2.3:a:openbsd:openssh:5.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:::::::*
cpe:2.3:a:openbsd:openssh:5.8:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:p1::::::
cpe:2.3:a:openbsd:openssh:5.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:::::::*
cpe:2.3:a:openbsd:openssh:5.9:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:p1::::::
cpe:2.3:a:openbsd:openssh:6.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:::::::*
cpe:2.3:a:openbsd:openssh:6.0:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:p1::::::
cpe:2.3:a:openbsd:openssh:6.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:::::::*
cpe:2.3:a:openbsd:openssh:6.1:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:p1::::::
cpe:2.3:a:openbsd:openssh:6.2:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:::::::*
cpe:2.3:a:openbsd:openssh:6.2:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p1::::::
cpe:2.3:a:openbsd:openssh:6.2:p2::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p2::::::
cpe:2.3:a:openbsd:openssh:6.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:::::::*
cpe:2.3:a:openbsd:openssh:6.3:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:p1::::::
cpe:2.3:a:openbsd:openssh:6.4:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:::::::*
cpe:2.3:a:openbsd:openssh:6.4:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:p1::::::
cpe:2.3:a:openbsd:openssh:6.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:::::::*
cpe:2.3:a:openbsd:openssh:6.5:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:p1::::::
cpe:2.3:a:openbsd:openssh:6.6:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:::::::*
cpe:2.3:a:openbsd:openssh:6.6:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:p1::::::
cpe:2.3:a:openbsd:openssh:6.7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:::::::*
cpe:2.3:a:openbsd:openssh:6.7:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:p1::::::
cpe:2.3:a:openbsd:openssh:6.8:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:::::::*
cpe:2.3:a:openbsd:openssh:6.8:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1::::::
cpe:2.3:a:openbsd:openssh:6.9:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:::::::*
cpe:2.3:a:openbsd:openssh:6.9:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1::::::
cpe:2.3:a:openbsd:openssh:7.0:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:::::::*
cpe:2.3:a:openbsd:openssh:7.0:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1::::::
cpe:2.3:a:openbsd:openssh:7.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:::::::*
cpe:2.3:a:openbsd:openssh:7.1:p1::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1::::::
cpe:2.3:a:sophos:unified_threat_management_software:9.353:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sophos:unified_threat_management_software:9.353:::::::*
cpe:2.3:o:apple:mac_os_x::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x::::::::
cpe:2.3:o:hp:virtual_customer_access_system::::::::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:virtual_customer_access_system::::::::
cpe:2.3:o:oracle:linux:7:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:::::::*
cpe:2.3:o:oracle:solaris:11.3:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:::::::*
CVE-2016-0778		https://nvd.nist.gov/vuln/detail/CVE-2016-0778
RHSA-2016:0043		https://access.redhat.com/errata/RHSA-2016:0043
USN-2869-1		https://usn.ubuntu.com/2869-1/

Reference id

Reference type

URL

http://article.gmane.org/gmane.comp.security.oss.general/18580

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10734

http://lists.apple.com/archives/security-announce/2016/Mar/msg00004.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176516.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176349.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00006.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00007.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00008.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00009.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00013.html

http://lists.opensuse.org/opensuse-security-announce/2016-01/msg00014.html

http://packetstormsecurity.com/files/135273/Qualys-Security-Advisory-OpenSSH-Overflow-Leak.html

http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-0778.html

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-0778.json

https://api.first.org/data/v1/epss?cve=CVE-2016-0778

https://blogs.sophos.com/2016/02/17/utm-up2date-9-354-released/

https://blogs.sophos.com/2016/02/29/utm-up2date-9-319-released/

https://bto.bluecoat.com/security-advisory/sa109

https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0777

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0778

http://seclists.org/fulldisclosure/2016/Jan/44

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05356388

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

https://security.gentoo.org/glsa/201601-01

https://support.apple.com/HT206167

https://ubuntu.com/security/notices/USN-2869-1

https://wiki.ubuntu.com/SecurityTeam/KnowledgeBase/OpenSSHClientRoaming

http://www.debian.org/security/2016/dsa-3446

http://www.openssh.com/txt/release-7.1p2

http://www.openwall.com/lists/oss-security/2016/01/14/7

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html

http://www.securityfocus.com/archive/1/537295/100/0/threaded

http://www.securityfocus.com/bid/80698

http://www.securitytracker.com/id/1034671

http://www.ubuntu.com/usn/USN-2869-1

http://www.undeadly.org/cgi?action=article&sid=20160114142733

1298033

https://bugzilla.redhat.com/show_bug.cgi?id=1298033

cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.4:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.5:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.6:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.7:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.8:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:5.9:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.0:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.1:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.2:p2:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.3:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.4:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.5:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.6:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.7:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.8:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:6.9:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.0:p1:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:*:*:*:*:*:*:*

cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:openbsd:openssh:7.1:p1:*:*:*:*:*:*

cpe:2.3:a:sophos:unified_threat_management_software:9.353:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:sophos:unified_threat_management_software:9.353:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:apple:mac_os_x:*:*:*:*:*:*:*:*

cpe:2.3:o:hp:virtual_customer_access_system:*:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:hp:virtual_customer_access_system:*:*:*:*:*:*:*:*

cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

CVE-2016-0778

https://nvd.nist.gov/vuln/detail/CVE-2016-0778

RHSA-2016:0043

https://access.redhat.com/errata/RHSA-2016:0043

USN-2869-1

https://usn.ubuntu.com/2869-1/

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05385680

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0778

Exploitability (E)	Access Vector (AV)	Access Complexity (AC)	Authentication (Au)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
high functional unproven proof_of_concept not_defined	local adjacent_network network	high medium low	multiple single none	none partial complete	none partial complete	none partial complete

Exploitability (E)

Access Vector (AV)

Access Complexity (AC)

Authentication (Au)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

partial

complete

none

partial

complete

none

partial

complete

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2016-0778

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
There are no relevant records.

There are no relevant records.

Vulnerability ID	VCID-suv8-uh2s-aaaa
Aliases	CVE-2016-0778
Summary	The (1) roaming_read and (2) roaming_write functions in roaming_common.c in the client in OpenSSH 5.x, 6.x, and 7.x before 7.1p2, when certain proxy and forward options are enabled, do not properly maintain connection file descriptors, which allows remote servers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact by requesting many forwardings.
Status	Published
Exploitability	0.5
Weighted Severity	8.0
Risk	4.0
Affected and Fixed Packages	Package Details

CWE-119	Improper Restriction of Operations within the Bounds of a Memory Buffer
CWE-122	Heap-based Buffer Overflow

Percentile	0.66474
EPSS Score	0.00263
Published At	Nov. 1, 2024, midnight