8 matches found
EUVD-2022-29296
Malicious code in bioql PyPI...
CVE-2022-24404
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...
CVE-2022-24401
Adversary-induced keystream re-use on TETRA air-interface encrypted traffic using any TEA keystream generator. IV generation is based upon several TDMA frame counters, which are frequently broadcast by the infrastructure in an unauthenticated manner. An active adversary can manipulate the view of...
CVE-2022-24404
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...
Design/Logic Flaw
Lack of cryptographic integrity check on TETRA air-interface encrypted traffic. Since a stream cipher is employed, this allows an active adversary to manipulate cleartext data in a bit-by-bit fashion...
CVE-2022-24404
CVE-2022-24404 describes a lack of ciphertext authentication in TETRA’s Air Interface Encryption (AIE)/TEA1, enabling an active attacker to perform bit-by-bit manipulations of the intercepted traffic (ciphertext malleability) and alter cleartext data. The root cause is absence of integrity/authen...
OpenSSL 0.9.x CBC Error Information Leakage Weakness
No description provided by source. source: http://www.securityfocus.com/bid/6884/info A side-channel attack against implementations of SSL exists that, through analysis of the timing of certain operations, can reveal sensitive information to an active adversary. This information leaked by...
OpenSSL 0.9.x - CBC Error Information Leakage
source: https://www.securityfocus.com/bid/6884/info A side-channel attack against implementations of SSL exists that, through analysis of the timing of certain operations, can reveal sensitive information to an active adversary. This information leaked by vulnerable implementations is reportedly...