CVE-2014-4191

The TLS implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ sends a long series of random bytes during use of the DualECDRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than...

EUVD-2014-4120

Malware in sbrugna...

Security Bulletin: IBM WebSphere Transformation Extender Secure Adapter Collection vulnerabilities: RSA BSAFE-C (CVE-2014-4191, CVE-2014-4192) and SSLv3 (CVE-2014-3566)

Summary EMC RSA BSAFE-C Toolkits, utilized by WebSphere Transformation Extender Secure Adapter Collection, could allow a remote attacker to obtain sensitive information. Additionally, SSLv3 contains a vulnerability that has been referred to as the Padding Oracle On Downgraded Legacy Encryption...

CVE-2014-4191

The TLS implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ sends a long series of random bytes during use of the DualECDRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than...

CVE-2014-4192

The DualECDRBG implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recoverin...

Code injection

The TLS implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ sends a long series of random bytes during use of the DualECDRBG algorithm, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recovering the algorithm's inner state, a different issue than...

Code injection

The DualECDRBG implementation in EMC RSA BSAFE-C Toolkits aka Share for C and C++ processes certain requests for output bytes by considering only the requested byte count and not the use of cached bytes, which makes it easier for remote attackers to obtain plaintext from TLS sessions by recoverin...

CVE-2014-4192

CVE-2014-4192 affects EMC RSA BSAFE-C Toolkits (Share for C/C++) Dual_EC_DRBG. The vulnerability arises from how output bytes are produced: the implementation uses the requested byte count without considering cached bytes, enabling recovery of the algorithm’s inner state and potential plaintext e...

CVE-2014-4191

CVE-2014-4191 affects the EMC RSA BSAFE-C Toolkits TLS implementation (Share for C/C++) that uses Dual_EC_DRBG. The issue is caused by the TLS code sending a long series of random bytes during Dual_EC_DRBG usage, which enables an attacker to recover the algorithm’s inner state and potentially obt...