HPSBHF03568 rev. 11 - Infineon TPM Security Update

Potential Security Impact Potential loss of confidentiality Source: Infineon VULNERABILITY SUMMARY A security vulnerability was identified in the RSA key generation method used by TPM products listed below. This leaves the keys potentially vulnerable via targeted, computationally expensive attack...

CVE-2017-0379

Libgcrypt before 1.8.1 does not properly consider Curve25519 side-channel attacks, which makes it easier for attackers to discover a secret key, related to cipher/ecc.c and mpi/ec.c...

CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not , which might allow remote attackers to obtain the value of generated MD5...

CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not , which might allow remote attackers to obtain the value of generated MD5...

UBUNTU-CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not , which might allow remote attackers to obtain the value of generated MD5...

DEBIAN-CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not , which might allow remote attackers to obtain the value of generated MD5...

gnutls security, bug fix, and enhancement update

3.3.26-9 - Address crash in OCSP status request extension, by eliminating the unneeded parsing CVE-2017-7507, 1455828 3.3.26-7 - Address interoperability issue with 3.5.x 1388932 - Reject CAs which are both trusted and blacklisted in trust module 1375303 - Added new functions to set issuer and...

Free Personal Self Hosted Dynamic DNS

Free Personal Self Hosted Dynamic DNS with BIND and DNSSEC Environment: Server: static IP, running BIND Home: dynamic IP, running Debian/buntu Key Generation First step is to generate a key on the server. /etc/bind $ sudo dnssec-keygen -a HMAC-MD5 -b 512 -n HOST home.dynamic.n0where.net This...

CVE-2016-3106

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner...

Information disclosure

Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner...

CVE-2016-3106

CVE-2016-3106 : Pulp before 2.8.3 creates a temporary directory during CA key generation in an insecure manner, enabling potential exposure of sensitive data. The vulnerability affects Pulp’s CA key generation process; CVSS vectors indicate network access with low complexity and partial confident...

How Dutch Police Decrypted BlackBerry PGP Messages For Criminal Investigation

The Dutch police have managed to decrypt a number of PGP-encrypted messages sent by criminals using their custom security-focused PGP BlackBerry phones and identified several criminals in an ongoing investigation. PGP, or Pretty Good Privacy, an open source end-to-end encryption standard that can...

CVE-2017-2626

It was discovered that libICE used a weak entropy to generate keys. A local attacker could potentially use this flaw for session hijacking using the information available from the process list...

CVE-2016-1919

Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack...

Code injection

Samsung KNOX 1.0 uses a weak eCryptFS Key generation algorithm, which makes it easier for local users to obtain sensitive information by leveraging knowledge of the TIMA key and a brute-force attack...

CVE-2016-1919

The CVE-2016-1919 entry concerns Samsung KNOX 1.0 on Android 4.3 where the eCryptFS key is derived from the user password and a TIMA key. The weakness lies in the eCryptFS-key generation algorithm, enabling potential disclosure of Data-at-Rest from KNOX containers when an attacker has local acces...

Security advisory YSA-2017-01 | Yubico

Description not found...

Generating SSH Keys is broken (using Bitbucket Server) -- ui and config file

Please watch my short video illustrating the experience. https://www.youtube.com/watch?v=wPUAkG78BFE&feature=youtu.be Scenario 1: On MacOS X Sierra when setting up SourceTree for first time and choosing "SSH" as the authentication method, SourceTree: Should not have a URL for the Bitbucket...

NIST Calls for Submissions to Secure Data Against Quantum Computing

For a layman, it may be difficult to fathom how a standards body could be playing catch-up to a threat that could be at least a decade away. But that’s the position NIST finds itself in with the risk that quantum computers pose to existing cryptographic algorithms. Working, practical quantum...

GnuPG: RNG output is predictable

Background The GNU Privacy Guard, GnuPG, is a free replacement for the PGP suite of cryptographic software. Description A long standing bug since 1998 in Libgcrypt see “GLSA 201610-04” below and GnuPG allows an attacker to predict the output from the standard RNG. Please review the “Entropy Loss...