Lucene search
K

57 matches found

Cvelist
Cvelist
added 2012/08/26 9:0 p.m.26 views

CVE-2012-2146

Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...

5.7AI score0.01667EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2012/08/26 9:0 p.m.22 views

CVE-2012-2146

Removed by vendor...

4.3CVSS6.7AI score0.01667EPSS
Exploits0
FreeBSD
FreeBSD
added 2012/08/26 12:0 a.m.16 views

py39-Elixir -- weak use of cryptography

Red Hat Security Response Team reports: Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...

4.3CVSS5.7AI score0.01667EPSS
Exploits0References1
OSV
OSV
added 2010/09/17 6:0 p.m.8 views

CVE-2010-3075

EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...

5.9AI score
Exploits0References12
OSV
OSV
added 2010/09/17 6:0 p.m.4 views

UBUNTU-CVE-2010-3075

EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...

5CVSS5.8AI score0.02063EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2010/09/17 6:0 p.m.19 views

CVE-2010-3075

EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...

5CVSS5.8AI score0.02063EPSS
Exploits0References1
Cvelist
Cvelist
added 2010/09/17 5:46 p.m.21 views

CVE-2010-3075

EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...

5.5AI score0.02063EPSS
Exploits0References12
CVE
CVE
added 2010/09/17 5:46 p.m.62 views

CVE-2010-3075

EncFS prior to 1.7.0 uses CFB with the same initialization vector across multiple blocks, enabling local attackers to recover XORed data and reveal sensitive information (e.g., last block containing a single byte). The vulnerability is documented across multiple sources (e.g., SUSE advisories not...

5CVSS5.7AI score0.02063EPSS
Exploits0References12Affected Software1
Debian CVE
Debian CVE
added 2010/09/17 5:46 p.m.24 views

CVE-2010-3075

EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...

5CVSS5.6AI score0.02063EPSS
Exploits0
Exploit DB
Exploit DB
added 2010/08/26 12:0 a.m.20 views

EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation

source: https://www.securityfocus.com/bid/42779/info EncFS is prone to design errors in its cryptographic implementation. Three flaws have been identified that contribute to a weakening of the protections provided under CBC/CFB cipher mode. Attackers may leverage these weaknesses to attack...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2010/08/26 12:0 a.m.12 views

EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation

EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation source: https://www.securityfocus.com/bid/42779/info EncFS is prone to design errors in its cryptographic implementation. Three flaws have been identified that contribute to a weakening of the protections provided under CBC/CFB cipher mode...

7.4AI score
Exploits0
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.15 views

FreeBSD Ports: gnupg

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS6.6AI score0.02946EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2005/05/02 4:0 a.m.19 views

CVE-2005-0366

The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback CFB mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is...

5CVSS5.9AI score0.02946EPSS
Exploits0References2
NVD
NVD
added 2005/05/02 4:0 a.m.15 views

CVE-2005-0366

The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback CFB mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is...

5CVSS6.3AI score0.02946EPSS
Exploits0References10
securityvulns
securityvulns
added 2005/03/17 12:0 a.m.33 views

OpenPGP/GnuPG chosen ciphertext cryptography attack

With CFB mode encryption attacker can recover part of the plaintext if 2 first bytes of the message block are known...

4.9AI score
Exploits0References1Affected Software1
CVE
CVE
added 2005/02/11 5:0 a.m.67 views

CVE-2005-0366

CVE-2005-0366 concerns OpenPGP/GnuPG where the integrity check feature, when decrypting a message encrypted with CF B mode, can allow a remote attacker to recover part of the plaintext through a chosen-ciphertext attack if the first two bytes of a message block are known and an oracle reveals whe...

5CVSS6.2AI score0.02946EPSS
Exploits0References10Affected Software1
Tenable Nessus
Tenable Nessus
added 2004/08/20 12:0 a.m.13 views

SSH < 1.2.25 CBC/CFB Data Stream Injection

Binary data 1978.prm...

5CVSS7.3AI score0.03211EPSS
Exploits0References2
Rows per page
Query Builder