34 matches found
Linux Distros Unpatched Vulnerability : CVE-2016-7438
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The C software implementation of ECC in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit...
Linux Distros Unpatched Vulnerability : CVE-2016-7440
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by...
Side Channel Attack On Modular Exponentiation
OpenSSL is vulnerable to side channel attacks. The vulnerability exploits cache-bank conflicts on the Intel Sandy-Bridge microarchitecture, exposing RSA keys. However, an attacker can only exploit this only if he has control of code in a thread running on the same hyper-threaded core as the victi...
OpenSSL: Side channel attack on modular exponentiation
A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption, could use this flaw to...
CVE-2016-7439
The C software implementation of RSA in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
DEBIAN-CVE-2016-7439
The C software implementation of RSA in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
CVE-2016-7439
The C software implementation of RSA in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
CVE-2016-7438
The C software implementation of ECC in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
Design/Logic Flaw
The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...
CVE-2016-7438
The C software implementation of ECC in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
UBUNTU-CVE-2016-7438
The C software implementation of ECC in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
CVE-2016-7439
The C software implementation of RSA in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
UBUNTU-CVE-2016-7439
The C software implementation of RSA in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
Design/Logic Flaw
The C software implementation of ECC in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
Information disclosure
The C software implementation of RSA in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
CVE-2016-7439
The C software implementation of RSA in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
CVE-2016-7439
CVE-2016-7439 affects the C RSA implementation in wolfSSL (formerly CyaSSL) prior to 3.9.10. The vulnerability allows a local attacker to obtain RSA keys by exploiting cache-bank hit differences, i.e., an information-disclosure issue. Affected products/versions are wolfSSL before 3.9.10; impact i...
CVE-2016-7440
The C software implementation of AES Encryption and Decryption in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...
CVE-2016-7438
The C software implementation of ECC in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...
CVE-2016-7438
The C software implementation of ECC in wolfSSL formerly CyaSSL before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences...