25 matches found
EUVD-2013-4434
Malware in sbrugna...
K16396: GnuPG vulnerability CVE-2013-4576
Security Advisory Description GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryptio...
Side-channel Attack
GnuPG is vulnerable to side-channel attacks. An attacker in close physical range to the target system is able to decrypt ciphertexts using acoustic cryptanalysis to recover the RSA secret key belonging to the system...
Amazon Linux: Security Advisory (ALAS-2014-278)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : gnupg (ALAS-2014-278)
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not...
RedHat Update for gnupg RHSA-2014:0016-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for gnupg RHSA-2014:0016-01
Check for the Version of gnupg OpenVAS Vulnerability Test RedHat Update for gnupg RHSA-2014:0016-01 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the terms...
Medium: gnupg
Issue Overview: GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE:...
Scientific Linux Security Update : gnupg on SL5.x i386/x86_64 (20140108)
It was found that GnuPG was vulnerable to side-channel attacks via acoustic cryptanalysis. An attacker in close range to a target system that is decrypting ciphertexts could possibly use this flaw to recover the RSA secret key from that system. CVE-2013-4576 %NASLMINLEVEL 70300 C Tenable Network...
CentOS Update for gnupg CESA-2014:0016 centos5
Check for the Version of gnupg OpenVAS Vulnerability Test CentOS Update for gnupg CESA-2014:0016 centos5 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...
CentOS Update for gnupg CESA-2014:0016 centos5
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CentOS 5 : gnupg (CESA-2014:0016)
An updated gnupg package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
gnupg: RSA secret key recovery via acoustic cryptanalysis
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not...
Moderate: Red Hat Security Advisory: gnupg security update
An updated gnupg package that fixes one security issue is now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
Fedora 19 : gnupg-1.4.16-2.fc19 (2013-23615)
What's New =========== - Fixed the RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack as described by Genkin, Shamir, and Tromer. See .CVE-2013-45 76 - Put only the major version number by default into armored output. - Do not create a trustdb file if --trust-model=always is used....
Fedora 20 : gnupg-1.4.16-2.fc20 (2013-23603)
What's New =========== - Fixed the RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack as described by Genkin, Shamir, and Tromer. See .CVE-2013-45 76 - Put only the major version number by default into armored output. - Do not create a trustdb file if --trust-model=always is used....
CVE-2013-4576
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not...
Code injection
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not...
CVE-2013-4576
GnuPG 1.x before 1.4.16 generates RSA keys using sequences of introductions with certain patterns that introduce a side channel, which allows physically proximate attackers to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. NOTE: applications are not...
CVE-2013-4576
GnuPG 1.x before 1.4.16 is vulnerable to a side-channel attack during RSA key handling. The issue arises from sequences of introductions with certain patterns that enable a local attacker to extract RSA keys via a chosen-ciphertext attack and acoustic cryptanalysis during decryption. The impact i...