{"id":"CVE-2016-2047","details":"The ssl_verify_server_cert function in sql-common/client.c in MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10; Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier; and Percona Server does not properly verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via a \"/CN=\" string in a field in a certificate, as demonstrated by \"/OU=/CN=bar.com/CN=foo.com.\"","modified":"2026-02-24T01:16:29.432473Z","published":"2016-01-27T20:59:05.610Z","related":["SUSE-RU-2023:3956-1","SUSE-RU-2023:4991-1","SUSE-SU-2016:1279-1","SUSE-SU-2016:1619-1","SUSE-SU-2016:1620-1","openSUSE-SU-2024:10200-1","openSUSE-SU-2024:11038-1"],"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0534.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-0705.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-1480.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-1481.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3453"},{"type":"ADVISORY","url":"http://www.debian.org/security/2016/dsa-3557"},{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/0
1/26/3"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/81810"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1035606"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2953-1"},{"type":"ADVISORY","url":"http://www.ubuntu.com/usn/USN-2954-1"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2016:1132"},{"type":"ADVISORY","url":"https://mariadb.atlassian.net/browse/MDEV-9212"},{"type":"ADVISORY","url":"https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/"},{"type":"ADVISORY","url":"https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/"},{"type":"ADVISORY","url":"https://mariadb.com/kb/en/mdb-10023-rn/"},{"type":"FIX","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html"},{"type":"ARTICLE","url":"http://www.openwall.com/lists/oss-security/2016/01/26/3"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mariadb/server","events":[{"introduced":"5a6300dcc45da2d6c2b046560da0580548354b93"},{"fixed":"40ae1b9b618fbbc3b494a896a9d074b74e414337"},{"introduced":"776555af021e917ce0d6235386b43ae59fdd5161"},{"fixed":"90ea0145856338221803ebb9b446ed2a6e082412"},{"introduced":"b11c4651917bd4472ea8837c64e6d1072a2a19e9"},{"fixed":"8efdfc8b58a84f8e8d62f0bb8b31f5b
763664c06"}]}],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2047.json","vanir_signatures":[{"deprecated":false,"source":"https://github.com/mariadb/server/commit/90ea0145856338221803ebb9b446ed2a6e082412","signature_version":"v1","id":"CVE-2016-2047-418dc194","signature_type":"Line","target":{"file":"sql/init.cc"},"digest":{"line_hashes":["147107641273993383240782259862025438176","92010967798498701673315862426094756400","327751778421770712387529959218426352739","335366999246722941831157885595185343881","273999841737195452499309953200498666375","210517212316227742052728977697524822713"],"threshold":0.9}},{"deprecated":false,"source":"https://github.com/mariadb/server/commit/90ea0145856338221803ebb9b446ed2a6e082412","signature_version":"v1","id":"CVE-2016-2047-66b1a29e","signature_type":"Line","target":{"file":"mysys/my_static.c"},"digest":{"line_hashes":["24307595873147278150201970310353889821","48675940072839761549793864817188524169","216230675055673289190865619159493735368","20652123376710344335504722831294169387"],"threshold":0.9}},{"deprecated":false,"source":"https://github.com/mariadb/server/commit/90ea0145856338221803ebb9b446ed2a6e082412","signature_version":"v1","id":"CVE-2016-2047-a534a020","signature_type":"Function","target":{"file":"sql/init.cc","function":"unireg_init"},"digest":{"length":449,"function_hash":"311144189938665340085863602879392151383"}},{"deprecated":false,"source":"https://github.com/mariadb/server/commit/90ea0145856338221803ebb9b446ed2a6e082412","signature_version":"v1","id":"CVE-2016-2047-cd5bea7a","signature_type":"Line","target":{"file":"plugin/daemon_example/daemon_example.cc"},"digest":{"line_hashes":["167000630030318618717608062140112220235","10642358439317725583287537405604680149","162374108280077942150750980263312138467","50163437060249974045566719846816540694"],"threshold":0.9}},{"deprecated":false,"source":"https://github.com/mariadb/server/commit/90ea0145856338221
803ebb9b446ed2a6e082412","signature_version":"v1","id":"CVE-2016-2047-dd6f816d","signature_type":"Line","target":{"file":"include/my_sys.h"},"digest":{"line_hashes":["80280507170444425678090689408551056030","186901013121802111627367647389618571691","35090662641952932041522151791618716843","119536087546367306015463964300481495175","36459839600648900298056848002263452468"],"threshold":0.9}}]}},{"ranges":[{"type":"GIT","repo":"https://github.com/mysql/mysql-server","events":[{"introduced":"863a73b80b83801a14b416006e64cf892837a657"},{"fixed":"40ae1b9b618fbbc3b494a896a9d074b74e414337"}]}],"versions":["mysql-5.0.96","mysql-5.1.61","mysql-5.1.62","mysql-5.1.63","mysql-5.1.65","mysql-5.1.66","mysql-5.1.67","mysql-5.1.68","mysql-5.1.69","mysql-5.1.69-retag","mysql-5.1.70","mysql-5.1.71","mysql-5.1.72","mysql-5.1.73","mysql-5.1.74","mysql-5.1.75","mysql-5.1.76","mysql-5.1.77","mysql-5.5.20","mysql-5.5.21","mysql-5.5.22","mysql-5.5.23","mysql-5.5.24","mysql-5.5.25","mysql-5.5.25a","mysql-5.5.27","mysql-5.5.28","mysql-5.5.29","mysql-5.5.30","mysql-5.5.31","mysql-5.5.32","mysql-5.5.33","mysql-5.5.34","mysql-5.5.35","mysql-5.5.36","mysql-5.5.37","mysql-5.5.38","mysql-5.5.39","mysql-5.5.40","mysql-5.5.41","mysql-5.5.42","mysql-5.5.43","mysql-5.5.44","mysql-5.5.45","mysql-5.5.46"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-2047.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N"}]}