14 matches found
SUSE CVE-2016-1494
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
awscli (>=1.7.35 <=1.8.6) potentially affected by CVE-2016-1494 via rsa (=3.1.4)
rsa PYPI version =3.1.4 is affected by a known vulnerability. The following packages have a transitive dependency on rsa and may be impacted: - awscli =1.7.35, =1.8.6 Source cves: CVE-2016-1494 Source advisory: OSV:GHSA-8RJR-6QQ5-PJ9P...
SUSE: Security Advisory (SUSE-SU-2016:0107-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 22 : python-rsa-3.3-2.fc22 (2016-c845706426)
Fix for CVE-2016-1494 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Fedora 23 : python-rsa-3.3-2.fc23 (2016-70edfbbcef)
Fix for CVE-2016-1494 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. %NASLMINLEVEL 70300 C Tenable...
Amazon Linux: Security Advisory (ALAS-2016-644)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : python-rsa (ALAS-2016-644)
It was found that python-rsa is vulnerable to Bleichenbacher'06 attack, allowing attacker to fake signatures for any public key with low exponent. CVE-2016-1494 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Amazon Linux AMI Security...
Medium: python-rsa
Issue Overview: It was found that python-rsa is vulnerable to Bleichenbacher'06 attack, allowing attacker to fake signatures for any public key with low exponent. CVE-2016-1494 Affected Packages: python-rsa Issue Correction: Run yum update python-rsa or yum update --advisory ALAS-2016-644 to upda...
openSUSE Security Update : python-rsa (openSUSE-2016-33)
This update for python-rsa fixes the following security issues : - CVE-2016-1494: Possible signature forgery via Bleichenbacher attack bsc960680 The following bugs fixes are included : - FATE319904, boo954690: Support VPN feature in google-cloud-sdk - boo935595: missing coreutils requirement...
Mageia: Security Advisory (MGASA-2016-0011)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-1494
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
CVE-2016-1494
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
CVE-2016-1494
The CVE-2016-1494 issue affects the Python-RSA library’s verify function prior to version 3.3, enabling a Bleichenbacher ’06 style attack to forge signatures with a small public exponent via crafted padding (BERserk). This can allow an attacker to spoof valid signatures for the affected RSA keys....
Updated python-rsa packages fix security vulnerability
A signature forgery vulnerability in python-rsa allows an attacker to fake signatures for arbitrary messages for any key with a low exponent "e", such as the common value of 3 CVE-2016-1494...