18 matches found
EUVD-2014-0168
Malware in sbrugna...
CVE-2024-31497
In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant...
K15295: OpenSSL vulnerability CVE-2014-0076
Security Advisory Description: The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. (CVE-2014-0076) Impact...
SUSE CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
SUSE: Security Advisory (SUSE-SU-2014:0541-1)
The remote host is missing an update for the...
SUSE: Security Advisory (SUSE-SU-2014:0538-1)
The remote host is missing an update for the...
SUSE SLES10 Security Update : OpenSSL (SUSE-SU-2014:0539-1)
OpenSSL has been updated to fix an attack on ECDSA nonces. Using the FLUSH+RELOAD cache side-channel attack, the nonces could be recovered. (CVE-2014-0076) The update also enables use of SHA-2 family certificate verification of X.509 certificates used in today's SSL certificate infrastructure. Note...
SUSE SLES10 Security Update : OpenSSL (SUSE-SU-2014:0538-1)
OpenSSL has been updated to fix an attack on ECDSA Nonces. Using the FLUSH+RELOAD Cache Side-channel Attack the Nonces could have been recovered. CVE-2014-0076 Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...
openSUSE Security Update : openssl (openSUSE-SU-2014:0480-1)
openssl was updated to fix a timing attack, where it was theoretically possible to recover ECDSA nonces using the FLUSH+RELOAD cache side-channel attack...
MGASA-2014-0165 Updated openssl package fix two security vulnerabilities
Updated openssl packages fix security vulnerability: The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
Ubuntu Update for openssl USN-2165-1
Check for the version of openssl...
OpenSSL: Information Disclosure
Background: OpenSSL is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS v1) as well as a general purpose cryptography library. Description: Multiple vulnerabilities have been found in OpenSSL: OpenSSL incorrectly handles memory in the TLS...
Ubuntu 12.04 LTS / 12.10 / 13.10 : openssl vulnerabilities (USN-2165-1)
Neel Mehta discovered that OpenSSL incorrectly handled memory in the TLS heartbeat extension. An attacker could use this issue to obtain up to 64k of memory contents from the client or server, possibly leading to the disclosure of private keys and other sensitive information. CVE-2014-0160 Yuval...
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
DEBIAN-CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...