57 matches found
CVE-2012-2146
Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...
CVE-2012-2146
Removed by vendor...
py39-Elixir -- weak use of cryptography
Red Hat Security Response Team reports: Elixir 0.8.0 uses Blowfish in CFB mode without constructing a unique initialization vector IV, which makes it easier for context-dependent users to obtain sensitive information and decrypt the database...
CVE-2010-3075
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...
UBUNTU-CVE-2010-3075
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...
CVE-2010-3075
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...
CVE-2010-3075
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...
CVE-2010-3075
EncFS prior to 1.7.0 uses CFB with the same initialization vector across multiple blocks, enabling local attackers to recover XORed data and reveal sensitive information (e.g., last block containing a single byte). The vulnerability is documented across multiple sources (e.g., SUSE advisories not...
CVE-2010-3075
EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initialization vector, which makes it easier for local users to obtain sensitive information via calculations involving recovery of XORed data, as demonstrated by an attack on encrypted data in which the las...
EncFS 1.6.0 - Flawed CBC/CFB Cryptography Implementation
source: https://www.securityfocus.com/bid/42779/info EncFS is prone to design errors in its cryptographic implementation. Three flaws have been identified that contribute to a weakening of the protections provided under CBC/CFB cipher mode. Attackers may leverage these weaknesses to attack...
EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation
EncFS 1.6.0 - Flawed CBCCFB Cryptography Implementation source: https://www.securityfocus.com/bid/42779/info EncFS is prone to design errors in its cryptographic implementation. Three flaws have been identified that contribute to a weakening of the protections provided under CBC/CFB cipher mode...
FreeBSD Ports: gnupg
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
CVE-2005-0366
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback CFB mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is...
CVE-2005-0366
The integrity check feature in OpenPGP, when handling a message that was encrypted using cipher feedback CFB mode, allows remote attackers to recover part of the plaintext via a chosen-ciphertext attack when the first 2 bytes of a message block are known, and an oracle or other mechanism is...
OpenPGP/GnuPG chosen ciphertext cryptography attack
With CFB mode encryption attacker can recover part of the plaintext if 2 first bytes of the message block are known...
CVE-2005-0366
CVE-2005-0366 concerns OpenPGP/GnuPG where the integrity check feature, when decrypting a message encrypted with CF B mode, can allow a remote attacker to recover part of the plaintext through a chosen-ciphertext attack if the first two bytes of a message block are known and an oracle reveals whe...
SSH < 1.2.25 CBC/CFB Data Stream Injection
Binary data 1978.prm...