212 matches found
DEBIAN-CVE-2018-6594
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...
CVE-2018-6594
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...
CVE-2018-6594
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...
aacrgenie (>=9.0.0 <=12.5.0), aalam-common (=0.1.78) +549 more potentially affected by CVE-2018-6594 via pycrypto (>=2.4.1 <=2.6.1)
pycrypto PYPI version =2.4.1, =9.0.0, =0.0.8, =1.1.3, =1.0.1, =3.4.0, =0.4.0b0, =3.0.0b1, =0.0.2, =0.0.1, =1.0.0, =0.0.4, =0.3.1 and more Source cves: CVE-2018-6594 Source advisory: OSV:PYSEC-2018-97...
Information disclosure
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...
CVE-2018-6594
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...
CVE-2018-6594
CVE-2018-6594 affects PyCrypto before or up to 2.6.1 due to weak ElGamal key parameter generation in lib/Crypto/PublicKey/ElGamal.py. This flaw breaks semantic security: under ciphertext-only attack an adversary could obtain plaintext information from ciphertext, as the Decisional Diffie-Hellman ...
CVE-2018-6594
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...
CVE-2018-6594
lib/Crypto/PublicKey/ElGamal.py in PyCrypto through 2.6.1 generates weak ElGamal key parameters, which allows attackers to obtain sensitive information by reading ciphertext data i.e., it does not have semantic security in face of a ciphertext-only attack. The Decisional Diffie-Hellman DDH...
Critical Photon OS Security Update - PHSA-2017-0055
Updates of 'pycrypto', 'linux', 'linux-esx', 'sqlite-autoconf' packages of Photon OS have been released...
SUSE SLES11 Security Update : python-pycrypto (SUSE-SU-2017:1744-1)
This update for python-pycrypto fixes the following issues : - CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew bsc1017420. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to...
SUSE-SU-2017:1744-1 Security update for python-pycrypto
This update for python-pycrypto fixes the following issues: - CVE-2013-7459: Fixed a potential heap buffer overflow in ALGnew bsc1017420...
Automated Modular Cryptanalysis Tool: FeatherDuster
Automated Modular Cryptanalysis Tool FeatherDuster is a tool written by Daniel “unicornfurnace” Crowley of NCC Group for breaking crypto which tries to make the process of identifying and exploiting weak cryptosystems as easy as possible. Cryptanalib is the moving parts behind FeatherDuster, and...
Stitch - Python Remote Administration Tool (RAT)
This is a cross platform python framework which allows you to build custom payloads for Windows, Mac OSX and Linux as well. You are able to select whether the payload binds to a specific IP and port, listens for a connection on a port, option to send an email of system info when the system boots,...
Antivirus Evasion Framework: Veil Framework
Antivirus Evasion Framework: Veil Framework The Veil-Framework is a collection of red team security tools that implement various attack methods focused on evading detection. It currently consists of: Veil-Evasion : a tool to generate antivirus-evading payloads using a variety of techniques and...
GLSA-201702-14 : PyCrypto: Remote execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-201702-14 PyCrypto: Remote execution of arbitrary code A heap-based buffer overflow vulnerability has been discovered in PyCrypto. Please review the CVE identifier referenced below for details. Impact : A remote attacker, able to...
PyCrypto: Remote execution of arbitrary code
Background The Python Cryptography Toolkit PyCrypto is a collection of both secure hash functions such as SHA256 and RIPEMD160, and various encryption algorithms AES, DES, RSA, ElGamal, etc.. Description A heap-based buffer overflow vulnerability has been discovered in PyCrypto. Please review the...
aacrgenie (>=9.0.0 <=12.5.0), aalam-common (=0.1.78) +549 more potentially affected by CVE-2013-7459 via pycrypto (>=2.4.1 <=2.6.1)
pycrypto PYPI version =2.4.1, =9.0.0, =0.0.8, =1.1.3, =1.0.1, =3.4.0, =0.4.0b0, =3.0.0b1, =0.0.2, =0.0.1, =1.0.0, =0.0.4, =0.3.1 and more Source cves: CVE-2013-7459 Source advisory: OSV:PYSEC-2017-94...
Heap overflow
Heap-based buffer overflow in the ALGnew function in blocktemplace.c in Python Cryptography Toolkit aka pycrypto allows remote attackers to execute arbitrary code as demonstrated by a crafted iv parameter to cryptmsg.py...
CVE-2013-7459
CVE-2013-7459 is a heap-based buffer overflow in the ALGnew function of block_templace.c in Python Cryptography Toolkit (pycrypto). An attacker could trigger arbitrary code execution by supplying a crafted iv to cryptmsg.py. IBM and Amazon Linux advisories corroborate the vulnerability in pycrypt...