187 matches found
Asterisk Information Disclosure (AST-2014-011) (POODLE)
According to the version in its SIP banner, the version of Asterisk running on the remote host is potentially affected by an error related to the way SSL 3.0 handles padding bytes when decrypting messages encrypted using block ciphers in cipher block chaining CBC mode. A man-in-the-middle attacke...
bouncycastle: TLS CBC padding timing attack
It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle...
bouncycastle: TLS CBC padding timing attack
It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle...
bouncycastle: TLS CBC padding timing attack
It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle...
bouncycastle: TLS CBC padding timing attack
It was discovered that bouncycastle leaked timing information when decrypting TLS/SSL protocol encrypted records when CBC-mode cipher suites were used. A remote attacker could possibly use this flaw to retrieve plain text from the encrypted packets by using a TLS/SSL server as a padding oracle...
DEBIAN-CVE-2013-2061
The openvpndecrypt function in crypto.c in OpenVPN 2.3.0 and earlier, when running in UDP mode, allows remote attackers to obtain sensitive information via a timing attack involving an HMAC comparison function that does not run in constant time and a padding oracle attack on the CBC mode cipher...
SSL/TLS: CBC padding timing attack (lucky-13)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HT...
SSL Cipher Block Chaining Cipher Suites Supported
The remote host supports the use of SSL ciphers that operate in Cipher Block Chaining CBC mode. These cipher suites offer additional security over Electronic Codebook ECB mode, but have the potential to leak information if used improperly. C Tenable Network Security, Inc. include"compat.inc"; if...
SSL/TLS: CBC padding timing attack (lucky-13)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
SSL/TLS: CBC padding timing attack (lucky-13)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
SSL/TLS: CBC padding timing attack (lucky-13)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
SSL/TLS: CBC padding timing attack (lucky-13)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
SSL/TLS: CBC padding timing attack (lucky-13)
The TLS protocol 1.1 and 1.2 and the DTLS protocol 1.0 and 1.2, as used in OpenSSL, OpenJDK, PolarSSL, and other products, do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...
DEBIAN-CVE-2013-1620
The TLS implementation in Mozilla Network Security Services NSS does not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attac...
DEBIAN-CVE-2012-2686
crypto/evp/eaescbchmacsha1.c in the AES-NI functionality in the TLS 1.1 and 1.2 implementations in OpenSSL 1.0.1 before 1.0.1d allows remote attackers to cause a denial of service application crash via crafted CBC data...
PT-2013-3285 · Bouncy Castle · Bouncy Castle C# Library +1
Name of the Vulnerable Software and Affected Versions: Bouncy Castle Java library versions prior to 1.48 Bouncy Castle C library versions prior to 1.8 Description: The issue concerns the TLS implementation in the Bouncy Castle libraries, which does not properly handle timing side-channel attacks...
jbossws: Prone to character encoding pattern attack (XML Encryption flaw)
The W3C XML Encryption Standard, as used in the JBoss Web Services JBossWS component in JBoss Enterprise Portal Platform before 5.2.2 and other products, when using block ciphers in cipher-block chaining CBC mode, allows remote attackers to obtain plaintext data via a chosen-ciphertext attack on...