Internet Bug Bounty: OpenSSL Key Recovery Attack on DH small subgroups (CVE-2016-0701)
Full write up: http://intothesymmetry.blogspot.ch/2016/01/openssl-key-recovery-attack-on-dh-small.html. DH small subgroups (CVE-2016-0701). Severity: High. Historically OpenSSL usually only ever generated DH parameters based on "safe" primes. More recently in version...
CVE-2016-0701
The DH_check_pub_key function in crypto/dh/dh_check.c in OpenSSL 1.0.2 before 1.0.2f does not ensure that prime numbers are appropriate for Diffie-Hellman (DH) key exchange, which makes it easier for remote attackers to discover a private DH exponent by making multiple handshakes with a peer that chose...
Vulnerability in OpenSSL - DH small subgroups
Historically OpenSSL usually only ever generated DH parameters based on “safe” primes. More recently in version 1.0.2 support was provided for generating X9.42 style parameter files such as those required for RFC 5114 support. The primes used in such files may not be “safe”. Where an application ...
python2-rsa: signature forgery
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
python-rsa: signature forgery
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
DEBIAN-CVE-2016-1494
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
PYSEC-2016-10
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
CVE-2016-1494
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
UBUNTU-CVE-2016-1494
The verify function in the RSA package for Python Python-RSA before 3.3 allows attackers to spoof signatures with a small public exponent via crafted signature padding, aka a BERserk attack...
Remote Code Execution in Exponent
High-Tech Bridge Security Research Lab discovered a critical vulnerability in Exponent CMS, which can be exploited to inject and execute arbitrary PHP code on the vulnerable system with the privileges of the web server. The vulnerability resides within the "/install/index.php" script, when handling...
MGASA-2016-0011 Updated python-rsa packages fix security vulnerability
A signature forgery vulnerability in python-rsa allows an attacker to fake signatures for arbitrary messages for any key with a low exponent "e", such as the common value of 3 (CVE-2016-1494)...
Updated python-rsa packages fix security vulnerability
A signature forgery vulnerability in python-rsa allows an attacker to fake signatures for arbitrary messages for any key with a low exponent "e", such as the common value of 3 (CVE-2016-1494)...
py-rsa -- Bleichenbacher'06 signature forgery vulnerability
Filippo Valsorda reports: python-rsa is vulnerable to a straightforward variant of the Bleichenbacher'06 attack against RSA signature verification with low public exponent...
OpenSSL BN_mod_exp() Information Disclosure Vulnerability
OpenSSL is an open source implementation of SSL for strong encryption of network communications. A security vulnerability exists in OpenSSL BN_mod_exp(), which can be exploited by a remote attacker to obtain sensitive information from a private key using a rounding propagation vulnerability...
libreswan Denial of Service Vulnerability (CNVD-2015-07581)
libreswan is a free, open source VPN implementation based on the IPsec and IKE security protocols. A denial of service vulnerability exists in libreswan versions prior to 3.15 and Openswan versions prior to 2.6.45. It allows remote attackers to cause a denial of service via a DH g^x zero...
OracleVM 3.3 : ntp (OVMSA-2015-0102)
The remote OracleVM system is missing necessary patches to address critical security updates: - reject packets without MAC when authentication is enabled (CVE-2015-1798) - protect symmetric associations with symmetric key against DoS attack (CVE-2015-1799) - fix generation of MD5 keys with ntp-keyge...
CVE-2015-0886
Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent...
UBUNTU-CVE-2015-0886
Integer overflow in the crypt_raw method in the key-stretching implementation in jBCrypt before 0.4 makes it easier for remote attackers to determine cleartext values of password hashes via a brute-force attack against hashes associated with the maximum exponent...