EUVD-2008-7087

Malware in sbrugna...

EulerOS 2.0 SP12 : shim (EulerOS-SA-2025-2058)

According to the versions of the shim packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in...

CLSA-2025-1744926159 Update of openssl

Backport the implicit rejection mechanism for RSA PKCS1 v1.5 to prevent Bleichenbacher attacks; add an option to disable the mechanism...

UBUNTU-CVE-2023-4421

The NSS code used for checking PKCS1 v1.5 was leaking information useful in mounting Bleichenbacher-like attacks. Both the overall correctness of the padding as well as the length of the encrypted message was leaking through timing side-channel. By sending large number of attacker-selected...

SUSE: Security Advisory (SUSE-SU-2020:3592-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:3629-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 Security Update : python-cryptography (SUSE-SU-2020:3592-1)

This update for python-cryptography fixes the following issues : CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has...

SUSE-SU-2020:3629-1 Security update for python-cryptography

This update for python-cryptography fixes the following issues: - CVE-2020-25659: Attempted to mitigate Bleichenbacher attacks on RSA decryption bsc1178168...

Bleichenbacher and Dictionary Attacks on IPsec IKE

Two new attacks on IPsec IKE Internet Key Exchange were recently disclosed 1, involving multiple ways to perform attacks against IKE signature based and PSK Pre-Shared Key authentications. The end goal is to crack IPsec VPN encrypted communications. The relevant CVEs are: CVE-2018-5389: Practical...

jbossws: Prone to Bleichenbacher attack against to be distributed symmetric key

A flaw was found in JBoss web services where the services used a weak symmetric encryption protocol, PKCS1 v1.5. An attacker could use this weakness in chosen-ciphertext attacks to recover the symmetric key and conduct further attacks...

CVE-2008-7128

The sslparseclientkeyexchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors...

CVE-2008-7128

The sslparseclientkeyexchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors...

Code injection

The sslparseclientkeyexchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors...

CVE-2008-7128

The CVE-2008-7128 entry concerns the ssl_parse_client_key_exchange function in XySSL prior to 0.9, which does not protect against certain Bleichenbacher-style chosen-ciphertext attacks. The vulnerability allows remote attackers to recover keys via unspecified vectors. Documented impact is partial...

CVE-2008-7128

The sslparseclientkeyexchange function in XySSL before 0.9 does not protect against certain Bleichenbacher attacks using chosen ciphertext, which allows remote attackers to recover keys via unspecified vectors...

Important: Red Hat Security Advisory: : : : Updated OpenSSL packages fix vulnerabilities

Updated OpenSSL packages that fix potential timing-based and modified Bleichenbacher attacks are available for Red Hat Linux on IBM iSeries and pSeries systems. OpenSSL is a commercial-grade, full-featured, and open source toolkit that implements Secure Sockets Layer SSL v2/v3 and Transport Layer...