937 matches found
MGASA-2014-0165 Updated openssl package fix two security vulnerabilities
Updated openssl packages fix security vulnerability: The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
Updated openssl package fix two security vulnerabilities
Updated openssl packages fix security vulnerability: The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
OpenSSL 1.0.1 < 1.0.1g Multiple Vulnerabilities
The version of OpenSSL installed on the remote host is prior to 1.0.1g. It is, therefore, affected by multiple vulnerabilities as referenced in the 1.0.1g advisory. - The 1 TLS and 2 DTLS implementations in OpenSSL 1.0.1 before 1.0.1g do not properly handle Heartbeat Extension packets, which allo...
DEBIAN-CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
Design/Logic Flaw
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
CVE-2014-0076
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack...
Fedora 19 : mediawiki-1.21.6-1.fc19 (2014-3344)
bug 60771 SECURITY: Disallow uploading SVG files using non-whitelisted namespaces. Also disallow iframe elements. User will get an error including the namespace name if they use a non-whitelisted namespace. - bug 61346 SECURITY: Make token comparison use constant time. It seems like our token...
OpenVPN -- potential side-channel/timing attack when comparing HMACs
The OpenVPN project reports: OpenVPN 2.3.0 and earlier running in UDP mode are subject to chosen ciphertext injection due to a non-constant-time HMAC comparison function...
CVE-2013-0263
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that doe...
Code injection
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that doe...
CVE-2013-0263
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that doe...
CVE-2013-0263 rubygem-rack: Timing attack in cookie sessions
Rack::Session::Cookie in Rack 1.5.x before 1.5.2, 1.4.x before 1.4.5, 1.3.x before 1.3.10, 1.2.x before 1.2.8, and 1.1.x before 1.1.6 allows remote attackers to guess the session cookie, gain privileges, and execute arbitrary code via a timing attack involving an HMAC comparison function that doe...
NetBSD Security Advisory 2005-001: Crypto leaks across HyperThreaded CPUs (i386, P4, HTT+SMP only)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 NetBSD Security Advisory 2005-001 ================================= Topic: Crypto leaks across HyperThreaded CPUs i386, P4, HTT+SMP only Version: NetBSD-current: affected, i386 on P4 with HTT and SMP kernels NetBSD 2.0: affected, i386 on P4 with HTT a...
Timing attack vector for remember me token
The current rememberme token verification process leaves the application open to a timing attack. Since the default is for the token to be stored as a cookie and for cookies to be encrypted, an attacker would have to know the application secret to exploit this. However, should a custom guard be...
Timing attack vector for remember me token
The current rememberme token verification process leaves the application open to a timing attack. Since the default is for the token to be stored as a cookie and for cookies to be encrypted, an attacker would have to know the application secret to exploit this. However, should a custom guard be...
CVE-2019-18887: Use constant time comparison in UriSigner
More info at https://symfony.com/cve-2019-18887...
CVE-2019-18887: Use constant time comparison in UriSigner
More info at https://symfony.com/cve-2019-18887...