10 matches found
EUVD-2015-5684
Malware in sbrugna...
K91245485: RSA-CRT key leak vulnerability CVE-2015-5738
Security Advisory Description The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra...
CVE-2015-5738
The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...
CVE-2015-5738
The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...
Design/Logic Flaw
The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...
CVE-2015-5738
The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...
CVE-2015-5738
The CVE-2015-5738 issue concerns the Cavium SDK 2.x RSA-CRT implementation used on OCTEON II CN6xxx hardware under Linux to support TLS with PFS. A Lenstra fault-side channel attack could allow remote attackers to obtain private RSA keys. Connected advisories indicate mitigations exist in vendor/...
CVE-2015-5738
The RSA-CRT implementation in the Cavium Software Development Kit SDK 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy PFS, makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack...
Cisco ACE 4710 Appliance / ACE30 Module Multiple Vulnerabilities (Logjam)
The Cisco Application Control Engine ACE software installed on the remote Cisco ACE 4710 device or ACE30 module is version A5 prior to A53.3. It is, therefore, affected by multiple vulnerabilities : - An invalid free memory error exists due to improper validation of user-supplied input when a DTL...
Cisco ASA Cavium SDK TLS Incorrect Padding Acceptance Plaintext Disclosure (CSCuu93339)
The remote Cisco Adaptive Security Appliance ASA is missing a vendor-supplied security patch. It is, therefore, affected by a flaw in the TLS 1.x implementation in the Cavium SDK due to a failure to check the first byte of the padding bytes. A man-in-the-middle attacker can exploit this, by sendi...