EUVD-2014-3565

Malware in sbrugna...

RHEL 5 : gnupg (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 5 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - GnuPG: Unenforced configuration allows for apparently valid certifications actually signed by signing...

SUSE CVE-2014-3591

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...

DEBIAN-CVE-2014-3591

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...

CVE-2014-3591

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...

Code injection

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...

CVE-2014-3591

CVE-2014-3591 affects Libgcrypt (before 1.6.3) and GnuPG (before 1.4.19), which do not implement ciphertext blinding for ElGamal decryption, enabling physically proximate attackers to potentially extract private keys via crafted ciphertext and EM field fluctuations during multiplication. Related ...

BSA-2017-458

Security Advisory ID : BSA-2017-458 Component : Libgcrypt Revision : 2.0: Final libgcrypt: use ciphertext blinding for Elgamal decryption new side-channel attack...

SUSE-SU-2015:1179-1 Security update for libgcrypt

This update of libgcrypt fixes one security issue and brings various FIPS 140-2 related improvements. libgcrypt now uses ciphertext blinding for Elgamal decryption CVE-2014-3591 FIPS 140-2 related changes: The library performs its self-tests when the module is complete the -hmac file is also...

DLA-190-1 libgcrypt11 - security update

Bulletin has no description...

Debian DSA-3185-1 : libgcrypt11 - security update

Multiple vulnerabilities were discovered in libgcrypt : - CVE-2014-3591 The Elgamal decryption routine was susceptible to a side-channel attack discovered by researchers of Tel Aviv University. Ciphertext blinding was enabled to counteract it. Note that this may have a quite noticeable impact on...

Debian Security Advisory DSA 3184-1 (gnupg - security update)

Multiple vulnerabilities were discovered in GnuPG, the GNU Privacy Guard: CVE-2014-3591 The Elgamal decryption routine was susceptible to a side-channel attack discovered by researchers of Tel Aviv University. Ciphertext blinding was enabled to counteract it. Note that this may have a quite...

Debian Security Advisory DSA 3185-1 (libgcrypt11 - security update)

Multiple vulnerabilities were discovered in libgcrypt: CVE-2014-3591 The Elgamal decryption routine was susceptible to a side-channel attack discovered by researchers of Tel Aviv University. Ciphertext blinding was enabled to counteract it. Note that this may have a quite noticeable impact on...

UBUNTU-CVE-2014-3591

Libgcrypt before 1.6.3 and GnuPG before 1.4.19 does not implement ciphertext blinding for Elgamal decryption, which allows physically proximate attackers to obtain the server's private key by determining factors using crafted ciphertext and the fluctuations in the electromagnetic field during...